If you create an application or API that is secured with Azure AD, you are likely going to require a consumer of your application to provide an OAuth access token in order to access your application or API. The caller would have to obtain this token from Azure AD by first authenticating with Azure AD and then request a token for your application. But anyone can create an OAuth access token. It”s just a JSON object that has a set schema and then base64 encoded. There”s nothing secure about it.What legitimizes its use as a security token is that the creator of the token digitally signs the token with a public-private key pair. The creator of the token uses their private key and includes the result in the OAuth access token in the JWT (JavaScript Web Token) format. If you”ve elected to use Azure AD to secure your REST API, you have established a trust with Azure AD.
Read More I recently published a new chapter in my Mastering the SharePoint Framework on-demand course for developers that included a section that showed how to call a REST API deployed using an Azure Function App and secured with Azure AD from the SharePoint Framework. When I was working on this chapter, it felt like the process of configuring an Azure Function App to be secured with Azure AD was harder and more complex than it should have been. Specifically, some of the things you do aren’t explained as well… so I decided to blog about it here!
Read More In the SharePoint Framework v1.6.0 release, Microsoft introduced a new capability to the framework. After a long time in the developer preview state, that release gave developers the ability to call Azure AD secured APIs & endpoints through a proxy Azure AD application.
Read More I’m excited to share this latest update to my course, Mastering the SharePoint Framework for developers.
Read More I recently replaced my traditional home security system with a more modern setup. The old system was your typical box with multiple wired sensors hooked up to doors, windows, motion detectors & smoke/carbon monoxide detectors.
Read More Home security systems usually mean expensive boxes in an obscure place in your house with a bundle of messy sensor wires hooked up to a circuit board, dumb keypads from the 1980’s and other uninspiring tech.
Read More I’m looking forward to the premiere Microsoft SharePoint Conference 2019 in Las Vegas, May 19-24, 2019, at the MGM Grand.
Read More Over the last two weeks, I have been presenting on the topic of the SharePoint Framework (SPFx) at a pair of SharePoint conferences (the European SharePoint Conference in Copenhagen & SharePoint Fest in Chicago).
Read More You know what I don’t like about automated tests? Most of the time, we don’t automate them, we just instrument them.
Read More The latest version of the SharePoint Framework (SPFx) released a few weeks ago, v1.7.0, uncovered a few issues between how the various Node.
Read More 
