Hi @Rezaal860 - we will need to check into that. Feel free to open a
support ticket on that one so it gets the appropriate attention and we
can gather all the required data.
There are various fraud detection methods that they use, but some of the
most common include suspicious activity reports, transaction monitoring,
and data analytics. Suspicious Activity Reports (SARs) are one of the
primary ways that banks detect fraud.
@adrian_hall we tried the policy fragment route, but soon hit the wall
because multi-valued claim check simply doesn't work in the new policy
validate-azure-ad-token. To be precise, this won't work: <fragment>
<validate-azure-ad-token tenant-id="contoso.onmicrosoft.com"
failed-validation-error-messag...
Hi @Rezaal860, given the way that Azure AD scopes and permissions work,
there should be no problem doing a generic check at the product level,
and then either checking the decoded JWT during the API and Operation or
doing another check for the specific claims. Policy fragments will allow
you to set ...
@adrian_hall Great work. Thanks for this new policy. Quick question: why
did you guys decide to make client ID and audience mandatory? What if
somebody wants to check for different attributes at different levels.
For example, at the API level I would like to do something like below
policy and it do...