I started this site and blogging as a personal journal almost exactly 16 years ago today, in September 2003. Over the last 16 years, I’ve used three different open source engines to implement the site, starting with .Text, it’s successor SubText and then moved to Orchard CMS in 2013. Orchard served me well for the last six years, but after much consideration, I’ve made yet another re-platforming move. The site you’re reading right now is on the new platform!

Here’s a post that teaches you a technique that you can start leveraging in your SharePoint Framework (SPFx) projects right away!

I just a few short weeks I will be at the SharePoint Fest (SPFest) conference in Seattle presenting a few sessions for developers. This is expected to be a great conference just like other SPFest conferences such as those in Washington DC and Chicago. You’ll find me presenting full-day & half-day workshops as well as 3 sessions at this show.

Microsoft regularly hosts three different community calls under the SharePoint PnP program on various topics. However, during the month of July 2019 schedules are getting a bit out of control with various vacations where no one from the Microsoft side can host the calls and start the recordings. So, they are taking the month of July 2019 off.I volunteered to host two calls in July for those of us who don’t want to miss the JavaScript & SharePoint Framework Special Interest Group calls! These will be similar to the Microsoft-hosted calls, but just hosted and run by the community. We’re calling these Summer Camp Calls!

Earlier this week, on Tuesday, May 7, 2019, Microsoft released v1.8.2 of the SharePoint Framework (SPFx). A little over a month ago, I wrote about the v1.8.0 release. Since then we had another minor release (v1.8.1) released on April 16, 2019. In this post, I’ll summarize what you can find, and share some additional details I found after spending some time picking apart the last two minor releases.

I’m excited to share this latest update to my course, Mastering the SharePoint Framework for developers. This update, packaged as sprint 16, includes one new chapter and a LOT of updates. When I originally planned out sprint 16, I intended to record a lot of new content. However when the SPFx v1.8.0 release came out there were enough changes to SPFx that I decided to go back and update the course, including adding some new lessons, completely re-recording existing lessons and updating quite a few lessons (both video & notes).

On Thursday, March 14, 2019, Microsoft released v1.8.0 of the SharePoint Framework (SPFx). This release is packed with many features that were previously in developer preview to the Generally Available (GA) milestone. However, there are some subtle updates that developers have been asking for. In this post, I’ll summarize some of what you can find, but also share some details I found after spending some time with the v1.8.0 release, kicking the tires and finding a few resolutions to issues.

In my last post, Securing an Azure Function App with Azure AD - Works with SharePoint Framework!, I showed how you can secure a REST API deployed as an Azure Function App using Azure Active Directory (AzureAD). This comes in quite handy when you want to secure some custom server-side business logic that”s called from a SharePoint Framework (SPFx) client-side solution. The SPFx docs show how to use APIs with permissions to the Microsoft Graph. This post will explain how to add custom permissions to the AzureAD application that is used to secure your Azure Function.

If you create an application or API that is secured with Azure AD, you are likely going to require a consumer of your application to provide an OAuth access token in order to access your application or API. The caller would have to obtain this token from Azure AD by first authenticating with Azure AD and then request a token for your application. But anyone can create an OAuth access token. It”s just a JSON object that has a set schema and then base64 encoded. There”s nothing secure about it.What legitimizes its use as a security token is that the creator of the token digitally signs the token with a public-private key pair. The creator of the token uses their private key and includes the result in the OAuth access token in the JWT (JavaScript Web Token) format. If you”ve elected to use Azure AD to secure your REST API, you have established a trust with Azure AD.

I recently published a new chapter in my Mastering the SharePoint Framework on-demand course for developers that included a section that showed how to call a REST API deployed using an Azure Function App and secured with Azure AD from the SharePoint Framework. When I was working on this chapter, it felt like the process of configuring an Azure Function App to be secured with Azure AD was harder and more complex than it should have been. Specifically, some of the things you do aren’t explained as well… so I decided to blog about it here!