I recently ran into an issue where I needed to help a customer validate an Azure AD B2C JWT access token. We tend to take JWTs for granted and sometimes forget that the application should validate them. I thought this was going to be pretty straightforward to solve, since Azure AD B2C is effectively Azure AD under the hood. I was wrong.
I initially thought browsing to the OIDC metadata endpoint would reveal the information I needed to validate the JWT's signature, but finding the endpoint was my first challenge.