Design an authentication and authorization strategy
Azure AD is the foundation of identity management and access control in Azure.
Every organisation creates its own tenant and registers users, applications and devices in it; those identities can then be granted access to the resources (subscriptions, Microsoft 365 services, registered applications) connected to that tenant.
In this post, I will share the study notes I took while preparing for the Azure AZ400 exam objective “Design an authentication and authorization strategy”.
Design an access solution (Azure AD Privileged Identity Management (PIM), Azure AD Conditional Access, MFA)
Simplifying a lot, Azure AD can be seen as the “dbo.User” table of a typical commercial product: the place where identities live.
It does much more than store them, though. It also provides the mechanisms that decide how a user authenticates and what a session is allowed to do, which is where PIM, Conditional Access and MFA come in.
Azure AD Privileged Identity Management (PIM) provides just-in-time and time-bound access to privileged roles.
Just-in-time access means the user does not hold the role permanently: they are only eligible for it and must activate it when they actually need it, optionally after providing a justification, completing MFA or obtaining approval, depending on the role settings.
Time-bound access means the user will only be able to keep the role for a limited amount of time before…
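The following is an added example, not code from the original post, showing what just-in-time, time-bound activation looks like in practice with the Microsoft Graph PowerShell SDK. It assumes the Microsoft.Graph module is installed, that the signed-in user is merely eligible for (not permanently assigned to) the role, and that the role name, justification text and one-hour duration are illustrative values you would replace with your own.

```powershell
# Added example (not from the original post): self-activate an eligible PIM role
# for a fixed one-hour window. Assumptions: Microsoft.Graph is installed, the
# caller is *eligible* for the role, and role name / justification / duration
# are illustrative.

Import-Module Microsoft.Graph.Identity.Governance

# Submitting an activation request needs RoleManagement.ReadWrite.Directory.
Connect-MgGraph -Scopes "RoleManagement.ReadWrite.Directory", "User.Read"

# Object id of the signed-in user (the principal that will activate the role).
$me = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/me"
$principalId = $me.id

# Resolve the role definition from its display name (illustrative role).
$roleName = "User Administrator"
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq '$roleName'"
if (-not $role) { throw "Role '$roleName' not found in this tenant." }

# Just-in-time means there is no standing assignment: check that the user is
# eligible before trying to activate, otherwise the request is rejected.
$eligible = Get-MgRoleManagementDirectoryRoleEligibilityScheduleInstance `
    -Filter "principalId eq '$principalId' and roleDefinitionId eq '$($role.Id)'"
if (-not $eligible) { throw "Not eligible for '$roleName'; nothing to activate." }

# Time-bound means the role is removed automatically when the window ends,
# whether or not anyone remembers to deactivate it. Duration is ISO 8601.
$params = @{
    Action           = "selfActivate"
    PrincipalId      = $principalId
    RoleDefinitionId = $role.Id
    DirectoryScopeId = "/"                                            # tenant-wide scope
    Justification    = "Ticket 1234: reset MFA for a locked-out user"  # illustrative text
    ScheduleInfo     = @{
        StartDateTime = (Get-Date).ToUniversalTime()
        Expiration    = @{ Type = "AfterDuration"; Duration = "PT1H" }  # one hour
    }
}
$request = New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest -BodyParameter $params

# If the role settings require approval, the status is PendingApproval rather
# than Provisioned and the role is not usable until an approver acts on it.
"Activation request status: $($request.Status)"

# Verify the active assignment and the time at which it will expire.
Get-MgRoleManagementDirectoryRoleAssignmentScheduleInstance `
    -Filter "principalId eq '$principalId' and roleDefinitionId eq '$($role.Id)'" |
    Select-Object AssignmentType, StartDateTime, EndDateTime
```

The final query is the check a practitioner wants after activating: AssignmentType distinguishes an activated (JIT) assignment from a permanent one, and EndDateTime confirms the role really is time-bound rather than standing privilege.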