Monday, August 19, 2019
Friday, August 9, 2019
Azure AD Webhooks (Azure Notifications)
Webhooks play an important role in today's event-driven communication between a server and a client, especially for broadcasting changes from the server to clients. In a way, webhooks work in reverse of the usual flow, in which a client sends a request to a server/service.
Lately, most of the cloud service providers have this feature in their cloud offerings. I got a chance to check out and try Microsoft Azure AD webhooks/notifications. It comes in handy especially when there is a requirement to monitor activities and notify the concerned parties for action. For example, user and group management actions ("create/update/delete") in Azure AD are notified to a pre-configured HTTPS notification URL.
Azure AD has the option to subscribe to "notifications" for quite a list of services.
Here is the link for the list of supported resources.
A sample application subscribes to notifications on the Azure AD Graph API "/users" endpoint and receives them at the configured notification URL. I tested it and it served my requirement.
The Microsoft sample used ngrok (a web reverse proxy available for free) to configure the HTTP(S) URL for testing from the local environment. But Azure AD functions can be used to get and read the notifications and act on the notification messages.
Quick demo video --
For more details, check the links below from Microsoft. It is pretty straightforward to configure and test quickly.
https://docs.microsoft.com/en-us/graph/webhooks
Thanks
Siva Pokuri
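An added example for the Azure AD webhooks post above (not code from the post or from Microsoft's sample): a receiver for the notification URL has to answer the subscription validation handshake and should check the `clientState` value on every notification before acting on it. `handle_graph_post`, the sample payload and the secret are constructed for illustration; the field names follow the Microsoft Graph webhooks documentation linked above.

```python
import hmac
import json
from urllib.parse import parse_qs

# Constructed sample data (not real tenant values).
CLIENT_STATE = "constructed-shared-secret"
SAMPLE_BODY = json.dumps({"value": [
    {"subscriptionId": "sub-1", "clientState": CLIENT_STATE,
     "changeType": "updated", "resource": "Users/constructed-id"},
    {"subscriptionId": "sub-1", "clientState": "guess",
     "changeType": "deleted", "resource": "Users/constructed-id"},
]})


def handle_graph_post(query_string, body, expected_state=CLIENT_STATE):
    """Handle one POST to the notification URL (hypothetical helper).

    Returns (status, content_type, response_body, accepted_items).
    """
    # 1. Validation handshake: on subscription creation Graph sends
    #    ?validationToken=<value> and expects the URL-decoded value
    #    echoed back as text/plain with HTTP 200.
    token = parse_qs(query_string).get("validationToken")
    if token:
        return 200, "text/plain", token[0], []

    # 2. Change notification: JSON object with a "value" list.
    try:
        items = json.loads(body)["value"]
    except (ValueError, KeyError, TypeError):
        return 400, "text/plain", "malformed notification", []
    if not isinstance(items, list):
        return 400, "text/plain", "malformed notification", []

    accepted = []
    for item in items:
        state = item.get("clientState") if isinstance(item, dict) else None
        # Constant-time comparison against the clientState chosen when
        # the subscription was created; mismatches are dropped.
        if isinstance(state, str) and hmac.compare_digest(
                state.encode(), expected_state.encode()):
            accepted.append(item)

    # Acknowledge with 202 either way so a forged sender learns nothing
    # about which clientState values match (a design choice of this example).
    return 202, "text/plain", "", accepted
```

Only the items returned in `accepted_items` should be passed on to whatever acts on user or group changes; the notification URL is reachable from the internet, so anything else is untrusted input.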
Thursday, April 25, 2019
Tips: Azure AD B2B user UserPrincipalName(UPN) update
Trying to update the UserPrincipalName (UPN) of a B2B user to a public-domain email address such as siva@gmail.com in an Azure AD tenant results in the error message below.
Error message - "Property userPrincipalName is invalid"
Solution:
Make sure to create/update the user UPN with domain names that are verified in the Azure AD tenant.
Thanks
Siva Pokuri.
Monday, March 25, 2019
Service providers and identity providers
- Identity provider (IdP)
- Service provider (SP).
Sunday, January 20, 2019
Ping Access internet proxy setting to access token provider
In this kind of setup, secure internet access is needed from Ping Access in order to register the token provider.
First, register the internet proxy IP and port number (provide credentials if the proxy needs authentication) in the Ping Access Administration console under settings >> networking >> proxies.
Next, add the created proxy instance to the Administration/replica Administration nodes and all the engine nodes (in a multinode cluster setup); in a standalone setup, adding it to the Primary Administration node is good enough.
Thanks
Siva Pokuri
Thursday, January 17, 2019
The AccessGate is unable to contact any Access Servers."#011raw_code^301#011
Version: OAM 11.1.2.3 and later
Work Around:
- Go into oamconsole, modify the webgate profile for the first agent (maybe decrease the Cache Timeout by a second) and save it.
- Download the webgate artifacts.
- Copy the artifacts from the OAM server directory to the appropriate directories for the correct webgate.
- Restart the webserver instance on which webgate is running.
Thanks,
Aditya.