Azure ad login5/28/2023 Once that trust relationship is created, your software workload can exchange trusted tokens from the external IdP for access tokens from Microsoft identity platform. You use workload identity federation to configure an Azure AD app registration or user-assigned managed identity to trust tokens from an external identity provider (IdP), such as GitHub. You also run the risk of service downtime if the credentials expire. These credentials pose a security risk and have to be stored securely and rotated regularly. For a software workload running outside of Azure, you need to use application credentials (a secret or certificate) to access Azure AD protected resources (such as Azure, Microsoft Graph, Microsoft 365, or third-party resources). When these workloads run on Azure, you can use managed identities and the Azure platform manages the credentials for you. ![]() Typically, a software workload (such as an application, service, script, or container-based application) needs an identity in order to authenticate and access resources or communicate with other services.
0 Comments
Leave a Reply. |