Microsoft Identity Platform
- OAuth 2.0 authorization code flow for web apps; client credentials for daemon apps.
- MSAL libraries handle token acquisition, caching, and silent refresh.
- App registrations define redirect URIs, API permissions, and client secrets.
- Managed identities eliminate the need to store credentials in code.
Key Vault
- Secrets: connection strings, passwords, and API keys, all stored with versioning.
- Keys: RSA and EC keys for encryption/signing; supports HSM-backed keys.
- Certificates: automated renewal and integration with App Service.
- Access control via RBAC (recommended) or vault access policies.