Entra App Registration: A deep dive into configuration part 3

Secrets and permissions are the main topic on the third episode of our Entra/Azure App registration deep dive, but Marius Solbakken Mellum, Amesto Fortytwo and Olav Tvedt, Sparebanken Vest are also taking a look at API permissions

00:00 Intro
00:50 Certificates and secrets
01:00 Implicit/public flows
02:15 Service principals
04:00 Enterprise apps
04:35 API permissions
04:50 Delegated/user permissions
05:05 Adding application permissions
06:20 Grant admin consent
07:05 PowerShell connecting to the app
10:20 Checking access token / Bearer
14:20 Adding more permissions
17:05 Revoke admin consent and token lifetime
19:10 Continuous access evaluation
23:15 Certificates
24:15 Key vaults and certificates
24:55 Federated credentials
25:09 Adding credentials (GitHub actions /Azure Devops etc.)
26:25 Benefits of federated credentials and expiration