Simplified Microservice Deployment with Azure Container Apps and Dapr

Introduction In this blog post we look into a scalable and flexible platform to run microservices on Azure without the complexity of managing infrastructure. Azure Container Apps allows you to run containerized microservices, and integrating Dapr (Distributed Application Runtime) can simplify the communication between services, manage state, and handle pub/sub messaging. This blog also shows how to set up Azure Container Apps and how to deploy Dapr-enabled microservices that communicate with each other. ...

October 7, 2024 · 5 min · 1012 words · Me

Understanding and Mitigating Prompt Injection Attacks with Prompt Shield in Azure AI Studio

Introduction In the fast-changing landscape of Generative AI and its applications, keeping AI models secure and reliable is very important. Prompt injection is one of the prominent attacks identified against AI implementations. Azure AI Studio offers a solution to tackle these threats, called Prompt Shield. This blog will explain what prompt injection attacks are, their possible effects, and how Azure AI Studio’s Prompt Shield can protect against them. ...

July 13, 2024 · 4 min · 685 words · Me

Securely calling Azure API from PowerApp Portal

Context PowerApps Portal gives a quick and easy way to build public-facing websites. Data in the portal is mostly fetched from Microsoft Dataverse using Power Platform FetchXML or the portal’s Web API. These operations are secured using the portal’s application session, as explained here. Often there are requirements to consume an externally hosted API, in this particular example an API hosted in Azure behind API Management. With JavaScript as the only option to trigger an API, implementing secret-based authentication is out of scope. But there is an alternate approach. ...

June 19, 2022 · 3 min · 594 words · Me

Client Certificate authentication using Azure API Management

Introduction APIs have become so popular that almost all websites and applications rely on APIs to get data from the server. Often user impersonation is used to authenticate as well as authorize access to the resource exposed by an API, but there are also use cases where the application itself needs data from an API in order to function. Currently the most used authentication mechanism is OAuth, where identity management is performed by a third-party provider and both the client and the resource server trust this identity provider. While this works well, there is also another way to authenticate when the interaction is purely machine to machine. It works based on SSL certificates and is called Client Certificate Authentication. ...

February 27, 2022 · 6 min · 1225 words · Me

Identity in Microsoft Azure - Modern Authentication

Introduction Continuing from the previous post, the new generation of authentication mechanisms was created to satisfy the new generation of applications, from apps that run just in the browser to apps that run on micro-controllers. This new generation of authentication mechanisms, called the modern authentication protocols, is built on top of the OAuth protocol and takes inspiration from SAML. In the article below, the term IDP refers to the identity provider, the external service that is responsible for authenticating a user and issuing authorization tokens. This service is trusted by both the client app and the resource API. ...

August 1, 2021 · 6 min · 1238 words · Me

Identity in Microsoft Azure - A bit of history

Introduction Authentication has been an important component in the world of IT from the time companies required their employees to prove their identity to use the company’s computing resources, whether to execute its business processes or to access email or files. During the earlier days employees used to log in to their computers using a username and password, which was stored in a central server like an Active Directory (in the case of the Microsoft tech stack). With the Active Directory credentials, employees were able to log in to both their Windows computers and the email application, both of which were in the same network. This approach worked well for many years until the software and services that the companies used were no longer within their network. While Active Directory protocols like NTLM or Kerberos could work across external networks via technologies like VPN, it was complex to set up and maintain such an infrastructure while keeping all the connections secure and stable. Also, given the growing number of users/services and the pace at which the growth occurred, these technologies were not designed to scale at that pace. Hence new authentication mechanisms were needed. ...

July 24, 2021 · 4 min · 740 words · Me

ASP.Net MVC 5 and Security

Security? Security is one of the most important cross-cutting concerns for any web application. All applications (except for static web sites) need to identify a user and restrict users from viewing or performing actions on pages. Authentication Authentication is the method by which an application identifies a user. By identifying a user, the application can decide whether the user is a valid user to access the application. Authorization Authorization is the way the application decides if the identified user can view a particular page or perform a particular action. ...

October 14, 2017 · 4 min · 645 words · Me