Changing user password in Azure AD using GraphAPI

The following pertains to a very specific scenario: You use Azure AD for some applications (e.g. Office365), but… …one of your applications does NOT use Azure AD (yet). It has its own authentication store and method (e.g. forms authn). However, you want to keep the application’s credentials in sync with AAD. Basically, allow same signon […]

Passive is good!

Some time back I wrote about avoiding handling of credentials (creation/maintenance/verification of user names, passwords, pins, etc.) in your own application code, but rather delegating that functionality to a specialized, external identity provider (IdP; http://blogs.msdn.com/b/mrochon/archive/2014/12/02/should-an-application-handle-user-credentials.aspx). This aversion should apply to even collection of credentials (e.g. asking the user for user name/password). Even that role should be delegated […]