Microsoft Azure Active Directory as KeyCloak Identity Provider

Today I did a fun POC on KeyCloak and Active Directory, and I just wanted to share my findings. In my case KeyCloak is used by a corporate system on top, in which we want to use our AAD users for login and role assignment and so on.

The KeyCloak Server

For this POC I followed the excellent documentation on https://www.keycloak.org/docs/latest/getting_started/index.html to set up my local KeyCloak Server. Once it is up and running, go to http://localhost:8080/auth to create your admin user.


Restrict your Logic App to be accessed only by API Management

On a client project with a particular focus on security, I faced the concept of “securing your Logic Apps with API Management.” While wrapping any services within API Management is often the right design choice for service distribution, management, and onboarding of services, it’s important to remember that a Logic App with an HTTP trigger is still publicly available to anyone who holds the URL (with SAS Token). And you have limited governance with regard to who is calling your service.

For this scenario I wanted to make sure that only API Management is authorized to call the Logic App endpoint.


Setup Office365 to read calendar and email metadata via Microsoft Graph API

I have recently been part of a project, Building Nomi, where I was able to work on different types of integration tasks. With Building Nomi we were analyzing everyday metadata from the calendar and email to map the cooperation within organizations.

I thought I might share some of the work here. In this post, I will walk through how to set up your Office365 to be able to access email and calendar metadata through Microsoft Graph API.

Steps:

  1. Register Building Nomi Application (https://portal.azure.com)
  2. Assign permissions to Building Nomi Application

Setup Google Workspace to read email and calendar metadata via APIs

I have recently been part of a project, Building Nomi, where I was able to work on different types of integration tasks. With Building Nomi we were analyzing everyday metadata from the calendar and email to map the cooperation within organizations.

I thought I might share some of the work here. In this post, I will walk through how to set up your Google Workspace to be able to access email and calendar metadata through Google APIs.

Steps:

  1. Create project Building Nomi on your workspace (https://console.cloud.google.com)
  2. Enable APIs on Project (https://console.cloud.google.com)
  3. Create a Service Account (https://console.cloud.google.com)
  4. Assign permissions (https://admin.google.com/)