Podcast: Security Patterns For Client-Side Apps Running In The Browser
Great to have Dr. Philippe De Ryck on the podcast. He talked about various security challenges faced by developers while working with client-side applications. Do you know the security considerations when choosing b/w Local versus Session storage? How does the Single Origin Policy work? How to encrypt local storage? You may learn a thing or two if you don’t!
Read next
- Digital Identity
Using Client Certificate Authentication for Web API Hosted in Azure
During recent customer engagement there was a discussion around client certificate [a.k.a tls mutual] authentication and how to use it with asp.net web api that is hosted on azure as a azure api app.
- Digital Identity
Entra Agent ID Across Clouds: Part 5, Anti-Patterns
Final article in the five-part series on running Microsoft Entra Agent ID against third-party clouds. Closes the loop with the variants and failure modes that consume the same operational budget as the federated pattern without delivering its security properties, and ends with the takeaways worth pinning to the team wiki.
- Digital Identity
Entra Agent ID Across Clouds: Part 4, FIC, Cross-Tenant, and OBO
Fourth article in the five-part series on running Microsoft Entra Agent ID against third-party clouds. Opens up the Federated Identity Credential as a first-class object: single-tenant, cross-tenant SaaS shape, and the orthogonal world of on-behalf-of (OBO) where the agent acts for a signed-in user.
Worth reading again?
Get the next one in your inbox.