This document summarizes a presentation about authentication and authorization best practices for Microsoft 365 development. It discusses moving from full trust to zero trust models using single sign-on, managed identities, and restricting applications to the lowest necessary permissions. Resource-specific consent is highlighted as a way to grant access to only specific resources, with upcoming improvements making it more granular. Security approaches are noted to increasingly prioritize least privilege and challenge holding permissions unnecessarily.
This is the presentation deck used during the event organized by Cloud Journey User Group on 06th March 2021 to know about the power of Microsoft Graph with focus on applications like Power Apps, Power Automate and dotnet core
Microsoft Graph is the rich, robust API for an increasing number of products across Microsoft. Microsoft Graph has a large footprint of tools, SDKs, and API capabilities you can incorporate in your projects. Come see what's new across products and available for developers -- you'll take away code and tools you'll undoubtedly use as you build apps and services.
Microsoft Graph is the rich, robust API for an increasing number of products across Microsoft. Microsoft Graph has a large footprint of tools, SDKs, and API capabilities you can incorporate in your projects. Come see what's new across products and available for developers -- you'll take away code and tools you'll undoubtedly use as you build apps and services.
Microsoft Graph and Azure Functions - SharePoint User Group FrankfurtDragan Panjkov
This document introduces Microsoft Graph and Azure Functions. It discusses how Microsoft Graph provides access to user, group and organizational data across Office 365 and other Microsoft services. It then explains how Azure Functions can use Microsoft Graph bindings to access this data in a serverless way for building applications and workflows. Examples of using Microsoft Graph bindings in Azure Functions for scenarios like accessing Excel files and sending Outlook messages are provided.
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...Vincent Biret
This document summarizes a presentation about integrating Microsoft Graph, SharePoint Framework, and Azure Functions. The presentation discusses:
1. Using the SharePoint Framework and Azure Functions together for building applications that leverage Microsoft Graph and custom APIs.
2. How Azure Functions provide a serverless platform for developing solutions with triggers and bindings to services like Microsoft Graph.
3. How Microsoft Graph provides a unified API and data model for accessing information in Office 365, Windows 10, and other Microsoft services.
Webinar: Extend The Power of The ForgeRock Identity Platform Through ScriptingForgeRock
Scripting extends ForgeRock products in a powerful way, both for deployers as well as developers. For OpenAM, deployers can embed the ssoadm command line utility in comprehensive shells scripts for ultra fast deployments and configurations. Developers can use scripts for client-side and server-side authentication, policy conditions, and handling OpenID Connect claims. In OpenIDM, scripting allows you to customize various aspects of OpenIDM functionality, by providing custom logic between source and target mappings, defining correlation rules, filters, triggers, and more.
Webinar Highlights:
Scripting
The ForgeRock Platform
Q&A
Join Anders Askåsen, Senior Technical Product Manager, and Javed Shah, Senior Sales Engineer, as they highlight the concepts and show examples and best practices for scripting with the ForgeRock Identity Platform.
This document summarizes a presentation about authentication and authorization best practices for Microsoft 365 development. It discusses moving from full trust to zero trust models using single sign-on, managed identities, and restricting applications to the lowest necessary permissions. Resource-specific consent is highlighted as a way to grant access to only specific resources, with upcoming improvements making it more granular. Security approaches are noted to increasingly prioritize least privilege and challenge holding permissions unnecessarily.
This is the presentation deck used during the event organized by Cloud Journey User Group on 06th March 2021 to know about the power of Microsoft Graph with focus on applications like Power Apps, Power Automate and dotnet core
Microsoft Graph is the rich, robust API for an increasing number of products across Microsoft. Microsoft Graph has a large footprint of tools, SDKs, and API capabilities you can incorporate in your projects. Come see what's new across products and available for developers -- you'll take away code and tools you'll undoubtedly use as you build apps and services.
Microsoft Graph is the rich, robust API for an increasing number of products across Microsoft. Microsoft Graph has a large footprint of tools, SDKs, and API capabilities you can incorporate in your projects. Come see what's new across products and available for developers -- you'll take away code and tools you'll undoubtedly use as you build apps and services.
Microsoft Graph and Azure Functions - SharePoint User Group FrankfurtDragan Panjkov
This document introduces Microsoft Graph and Azure Functions. It discusses how Microsoft Graph provides access to user, group and organizational data across Office 365 and other Microsoft services. It then explains how Azure Functions can use Microsoft Graph bindings to access this data in a serverless way for building applications and workflows. Examples of using Microsoft Graph bindings in Azure Functions for scenarios like accessing Excel files and sending Outlook messages are provided.
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...Vincent Biret
This document summarizes a presentation about integrating Microsoft Graph, SharePoint Framework, and Azure Functions. The presentation discusses:
1. Using the SharePoint Framework and Azure Functions together for building applications that leverage Microsoft Graph and custom APIs.
2. How Azure Functions provide a serverless platform for developing solutions with triggers and bindings to services like Microsoft Graph.
3. How Microsoft Graph provides a unified API and data model for accessing information in Office 365, Windows 10, and other Microsoft services.
Webinar: Extend The Power of The ForgeRock Identity Platform Through ScriptingForgeRock
Scripting extends ForgeRock products in a powerful way, both for deployers as well as developers. For OpenAM, deployers can embed the ssoadm command line utility in comprehensive shells scripts for ultra fast deployments and configurations. Developers can use scripts for client-side and server-side authentication, policy conditions, and handling OpenID Connect claims. In OpenIDM, scripting allows you to customize various aspects of OpenIDM functionality, by providing custom logic between source and target mappings, defining correlation rules, filters, triggers, and more.
Webinar Highlights:
Scripting
The ForgeRock Platform
Q&A
Join Anders Askåsen, Senior Technical Product Manager, and Javed Shah, Senior Sales Engineer, as they highlight the concepts and show examples and best practices for scripting with the ForgeRock Identity Platform.
O365 saturday: How to (remote) control office 365 with windows azure-slideshareatwork
Se how you can use Windows Azure to do a lot of provisioning and Automation stuff around Office 365. We Show here for what purposes you can use Automation, and provide examples around Graph API, WAAD, SharePoint REST, CSOM, Exchange managed API.
Spring boot microservice metrics monitoringOracle Korea
This document summarizes a presentation on monitoring microservices with Spring Boot. It discusses evolving architectures from monolithic to microservices and challenges in microservices. It then covers different monitoring techniques like metrics, tracing and logging. It provides an overview of tools like Prometheus, Grafana, Spring Boot Admin, Eureka and Consul for monitoring microservices. Finally, it outlines hands-on labs to set up monitoring of a sample application with different tool combinations.
Spring Boot - Microservice Metrics MonitoringDonghuKIM2
마이크로서비스 아키텍쳐에서의 분산된 서비스간의 모니터링 방법을 소개합니다.
- Microservice Monitoring with Service Discovery (Eureka) Spring Boot Admin
- Microservice Monitoring with Service Discovery (Consul), Prometheus, Grafana
Riwut Libinuko is a Microsoft SharePoint Server MVP living in Singapore who has over 10 years of experience in the IT industry. He has a master's degree in computer system engineering and enjoys coding, robotics, and food. Some of his projects include creating a PBX using a Raspberry Pi and Sipura 3102. He is an active contributor on forums and open source projects. The presentation discusses application virtualization strategies on the Microsoft Azure platform, providing an overview of Remote Desktop Services and Azure RemoteApp. It covers how to set up and manage RemoteApp collections, including publishing applications, managing users, and creating custom images.
พบกับเซสชั่น "Microsoft Graph for Microsoft 365 and Power Platform" ในงาน Microsoft 365 Developer Bootcamp
- แนะนำ Microsoft Graph
- เรียนรู้การเรียกใช้งาน REST API เพื่อเข้าถึงข้อมูลบนบริการต่าง ๆ ของ Microsoft 365
โดยคุณแชมป์ Narisorn Limpaswadpaisarn (Microsoft Certified Trainer)
SharePoint Fest DC - Everything your need to know about the Microsoft Graph a...Sébastien Levert
Since the launch of the Microsoft Graph, a ton of new possibilities are being made available to the Office 365 and SharePoint Developers. The unified API of all the Office 365 is one of the greatest Microsoft innovation of the last few years and is changing the way that solutions are built on Office 365 and SharePoint Online. The launch of the SharePoint endpoints on the Microsoft Graph will enhance our development story and lead to amazing cloud solutions.
This session is a deep-dive into the Microsoft Graph by analyzing the current /v1.0 version of the API and what is coming on the future /beta endpoint. The focus of the session will be on the SharePoint-specific features that the Graph is now offering to the SharePoint developers.
This very demo-intensive session will make sure that at the end you get those 3 key takeaways :
- Understand the role of the Microsoft Graph in the Office 365 ecosystem
- Leverage and interact with your SharePoint data from the Microsoft Graph
- Change the way you will think for your next SharePoint Online solution
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Vincent Biret
Slides supporting the session at the granite state user group meeting of January 2019. Talking as well about #Azure Active directory and lots of other things
Real World SharePoint Framework and Azure ServicesBrian Culver
Building Solution in Office 365 requires leveraging other cloud services, such as Azure Services. For those new to SharePoint and all SharePoint veterans, building cloud ready “Full Trust” solutions for Office 365 introduces a huge paradigm shift over the traditional on-premise full-trust development model.
In this session, we will look at a couple common full trust solutions and move them to Office365 and Azure. We will leverage various Azure services such as Azure Functions, Event Grids and WebJobs. See demonstrations on how event receivers become Azure Function and Event Grids, and timer jobs become Azure WebJobs. Learn about other useful Azure services for replacing full trust functionality. Don’t pass up this opportunity to learn skills and knowledge you need to build Office 365 Solutions leveraging Cloud Services
Attendee Takeaways:
1. Understand how to take Full Trust solutions from On-premise to the Office365.
2. Learn how to use Azure Functions, Event Grids, WebJobs and several other Azure Services.
3. See demonstrations of a couple common Full Trust Solutions converted to cloud solutions on Office365 and Azure.
SPS Utah - Everything your need to know about the Microsoft Graph as a ShareP...Sébastien Levert
The document provides an overview of the Microsoft Graph and how it can be used by SharePoint developers. It discusses how the Graph provides a single endpoint for accessing and traversing Office 365 data through REST APIs and SDKs. It also covers authentication, permissions, and using the Graph Explorer, REST calls, .NET, PnP PowerShell, and JavaScript to interact with the Graph. The document describes capabilities like notifications, open extensions, and schema extensions.
The document provides an overview of Microsoft Azure Mobile Services, including features like structured storage, authentication, backend logic, push notifications, scheduling, and more. It discusses the REST API, JSON to SQL type mappings, auto-generated columns, server-side table scripts, custom APIs, file storage, notification hubs, offline synchronization, the command line interface, and scaling options. Live demos are presented on topics like adding data validation logic, push notifications, authentication, and using the CLI.
SharePoint Fest DC 2018 - Everything your need to know about the Microsoft Gr...Sébastien Levert
Since the launch of the Microsoft Graph, a ton of new possibilities are being made available to the Office 365 and SharePoint Developers. The unified API of all the Office 365 is one of the greatest Microsoft innovation of the last few years and is changing the way that solutions are built on Office 365 and SharePoint Online. The launch of the SharePoint endpoints on the Microsoft Graph will enhance our development story and lead to amazing cloud solutions.
This session is a deep-dive into the Microsoft Graph by analyzing the current /v1.0 version of the API and what is coming on the future /beta endpoint. The focus of the session will be on the SharePoint-specific features that the Graph is now offering to the SharePoint developers.
This very demo-intensive session will make sure that at the end you get those 3 key takeaways :
Understand the role of the Microsoft Graph in the Office 365 ecosystem
Leverage and interact with your SharePoint data from the Microsoft Graph
Change the way you will think for your next SharePoint Online solution
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...atwork
This document discusses how to manage Office 365 using Windows Azure. It provides an overview of authentication and identity management with Office 365 using Azure Active Directory. It also demonstrates provisioning users to Office 365 and accessing Office 365 services through code examples. Requirements and various application integration points for Office 365 services on Windows Azure are outlined.
Windays14 - How to (remote) control Office 365 with Azureatwork
This document discusses how to remotely control and automate Office 365 using Azure. It begins with an overview of why remote control of Office 365 is useful for automation. It then demonstrates authenticating to Azure Active Directory and Office 365 services like SharePoint and Exchange. The document discusses the various APIs and tools available to access and integrate with Office 365 services when deployed on Azure. It provides links to documentation, SDKs, blogs and samples to help developers build automated solutions using Office 365 and Azure.
#Techorama belgium 2018 vincent biret deep dive with the #MicrosoftGraphVincent Biret
Slides supporting the session deep dive with the Microsoft Graph at Techorama Belgium 2018. Talking about authentication, authorization, integrations with azure functions and the SharePoint Framework.
[Oracle Webcast] Discover the Oracle Blockchain Platform through the eyes of ...Sanae BEKKAR
Voici le support de notre présentation du dernier Oracle Virtual Meetup , qui s'est déroulé le 07 Janvier 2020 , auquel on s'est concentré sur la découverte du service Oracle Blockchain Platform, qui offre une solution pré-assemblée pour la construction et l'exécution de SMart Contrat et maintient un ledger distribué inviolable , à travers le Business case 'D-check' la maintenance des pièces de l'avion , l'un des process les plus complexe du monde de l'Aviation .
Rejoignez-nous : https://www.meetup.com/fr-FR/Oracle-Developer-Meetup-France
Bonne lecture!
SharePoint Saturday Chicago - Everything your need to know about the Microsof...Sébastien Levert
This document provides an overview of the Microsoft Graph and how it can be used by SharePoint developers. It discusses how the Graph provides a single endpoint for accessing data from Office 365 through REST APIs. It covers authentication, permissions, and exploring the Graph through tools like the Graph Explorer. It also demonstrates how to retrieve and modify data from the Graph using various approaches like REST calls, SDKs, and webhooks. Finally, it discusses extending the Graph through open extensions and schema extensions.
SharePoint Fest Seattle 2017 - Everything your need to know about the Microso...Sébastien Levert
The document introduces the Microsoft Graph API and how it can be used by SharePoint developers. It provides an overview of the Graph and how it provides a single endpoint for accessing data and insights from Office 365 through various permissions and authentication methods. It also demonstrates how to make HTTP requests to the Graph and explore it using tools like Postman, SDKs, and code examples in languages like C#, JavaScript, and PowerShell.
E-commerce Application Development Company.pdfHornet Dynamics
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
More Related Content
Similar to Microsoft365_Dev_Security_2024_05_16.pdf
O365 saturday: How to (remote) control office 365 with windows azure-slideshareatwork
Se how you can use Windows Azure to do a lot of provisioning and Automation stuff around Office 365. We Show here for what purposes you can use Automation, and provide examples around Graph API, WAAD, SharePoint REST, CSOM, Exchange managed API.
Spring boot microservice metrics monitoringOracle Korea
This document summarizes a presentation on monitoring microservices with Spring Boot. It discusses evolving architectures from monolithic to microservices and challenges in microservices. It then covers different monitoring techniques like metrics, tracing and logging. It provides an overview of tools like Prometheus, Grafana, Spring Boot Admin, Eureka and Consul for monitoring microservices. Finally, it outlines hands-on labs to set up monitoring of a sample application with different tool combinations.
Spring Boot - Microservice Metrics MonitoringDonghuKIM2
마이크로서비스 아키텍쳐에서의 분산된 서비스간의 모니터링 방법을 소개합니다.
- Microservice Monitoring with Service Discovery (Eureka) Spring Boot Admin
- Microservice Monitoring with Service Discovery (Consul), Prometheus, Grafana
Riwut Libinuko is a Microsoft SharePoint Server MVP living in Singapore who has over 10 years of experience in the IT industry. He has a master's degree in computer system engineering and enjoys coding, robotics, and food. Some of his projects include creating a PBX using a Raspberry Pi and Sipura 3102. He is an active contributor on forums and open source projects. The presentation discusses application virtualization strategies on the Microsoft Azure platform, providing an overview of Remote Desktop Services and Azure RemoteApp. It covers how to set up and manage RemoteApp collections, including publishing applications, managing users, and creating custom images.
พบกับเซสชั่น "Microsoft Graph for Microsoft 365 and Power Platform" ในงาน Microsoft 365 Developer Bootcamp
- แนะนำ Microsoft Graph
- เรียนรู้การเรียกใช้งาน REST API เพื่อเข้าถึงข้อมูลบนบริการต่าง ๆ ของ Microsoft 365
โดยคุณแชมป์ Narisorn Limpaswadpaisarn (Microsoft Certified Trainer)
SharePoint Fest DC - Everything your need to know about the Microsoft Graph a...Sébastien Levert
Since the launch of the Microsoft Graph, a ton of new possibilities are being made available to the Office 365 and SharePoint Developers. The unified API of all the Office 365 is one of the greatest Microsoft innovation of the last few years and is changing the way that solutions are built on Office 365 and SharePoint Online. The launch of the SharePoint endpoints on the Microsoft Graph will enhance our development story and lead to amazing cloud solutions.
This session is a deep-dive into the Microsoft Graph by analyzing the current /v1.0 version of the API and what is coming on the future /beta endpoint. The focus of the session will be on the SharePoint-specific features that the Graph is now offering to the SharePoint developers.
This very demo-intensive session will make sure that at the end you get those 3 key takeaways :
- Understand the role of the Microsoft Graph in the Office 365 ecosystem
- Leverage and interact with your SharePoint data from the Microsoft Graph
- Change the way you will think for your next SharePoint Online solution
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Vincent Biret
Slides supporting the session at the granite state user group meeting of January 2019. Talking as well about #Azure Active directory and lots of other things
Real World SharePoint Framework and Azure ServicesBrian Culver
Building Solution in Office 365 requires leveraging other cloud services, such as Azure Services. For those new to SharePoint and all SharePoint veterans, building cloud ready “Full Trust” solutions for Office 365 introduces a huge paradigm shift over the traditional on-premise full-trust development model.
In this session, we will look at a couple common full trust solutions and move them to Office365 and Azure. We will leverage various Azure services such as Azure Functions, Event Grids and WebJobs. See demonstrations on how event receivers become Azure Function and Event Grids, and timer jobs become Azure WebJobs. Learn about other useful Azure services for replacing full trust functionality. Don’t pass up this opportunity to learn skills and knowledge you need to build Office 365 Solutions leveraging Cloud Services
Attendee Takeaways:
1. Understand how to take Full Trust solutions from On-premise to the Office365.
2. Learn how to use Azure Functions, Event Grids, WebJobs and several other Azure Services.
3. See demonstrations of a couple common Full Trust Solutions converted to cloud solutions on Office365 and Azure.
SPS Utah - Everything your need to know about the Microsoft Graph as a ShareP...Sébastien Levert
The document provides an overview of the Microsoft Graph and how it can be used by SharePoint developers. It discusses how the Graph provides a single endpoint for accessing and traversing Office 365 data through REST APIs and SDKs. It also covers authentication, permissions, and using the Graph Explorer, REST calls, .NET, PnP PowerShell, and JavaScript to interact with the Graph. The document describes capabilities like notifications, open extensions, and schema extensions.
The document provides an overview of Microsoft Azure Mobile Services, including features like structured storage, authentication, backend logic, push notifications, scheduling, and more. It discusses the REST API, JSON to SQL type mappings, auto-generated columns, server-side table scripts, custom APIs, file storage, notification hubs, offline synchronization, the command line interface, and scaling options. Live demos are presented on topics like adding data validation logic, push notifications, authentication, and using the CLI.
SharePoint Fest DC 2018 - Everything your need to know about the Microsoft Gr...Sébastien Levert
Since the launch of the Microsoft Graph, a ton of new possibilities are being made available to the Office 365 and SharePoint Developers. The unified API of all the Office 365 is one of the greatest Microsoft innovation of the last few years and is changing the way that solutions are built on Office 365 and SharePoint Online. The launch of the SharePoint endpoints on the Microsoft Graph will enhance our development story and lead to amazing cloud solutions.
This session is a deep-dive into the Microsoft Graph by analyzing the current /v1.0 version of the API and what is coming on the future /beta endpoint. The focus of the session will be on the SharePoint-specific features that the Graph is now offering to the SharePoint developers.
This very demo-intensive session will make sure that at the end you get those 3 key takeaways :
Understand the role of the Microsoft Graph in the Office 365 ecosystem
Leverage and interact with your SharePoint data from the Microsoft Graph
Change the way you will think for your next SharePoint Online solution
TechNet Conference 2013 Berlin-Wie Sie Office 365 mit Windows Azure steuern b...atwork
This document discusses how to manage Office 365 using Windows Azure. It provides an overview of authentication and identity management with Office 365 using Azure Active Directory. It also demonstrates provisioning users to Office 365 and accessing Office 365 services through code examples. Requirements and various application integration points for Office 365 services on Windows Azure are outlined.
Windays14 - How to (remote) control Office 365 with Azureatwork
This document discusses how to remotely control and automate Office 365 using Azure. It begins with an overview of why remote control of Office 365 is useful for automation. It then demonstrates authenticating to Azure Active Directory and Office 365 services like SharePoint and Exchange. The document discusses the various APIs and tools available to access and integrate with Office 365 services when deployed on Azure. It provides links to documentation, SDKs, blogs and samples to help developers build automated solutions using Office 365 and Azure.
#Techorama belgium 2018 vincent biret deep dive with the #MicrosoftGraphVincent Biret
Slides supporting the session deep dive with the Microsoft Graph at Techorama Belgium 2018. Talking about authentication, authorization, integrations with azure functions and the SharePoint Framework.
[Oracle Webcast] Discover the Oracle Blockchain Platform through the eyes of ...Sanae BEKKAR
Voici le support de notre présentation du dernier Oracle Virtual Meetup , qui s'est déroulé le 07 Janvier 2020 , auquel on s'est concentré sur la découverte du service Oracle Blockchain Platform, qui offre une solution pré-assemblée pour la construction et l'exécution de SMart Contrat et maintient un ledger distribué inviolable , à travers le Business case 'D-check' la maintenance des pièces de l'avion , l'un des process les plus complexe du monde de l'Aviation .
Rejoignez-nous : https://www.meetup.com/fr-FR/Oracle-Developer-Meetup-France
Bonne lecture!
SharePoint Saturday Chicago - Everything your need to know about the Microsof...Sébastien Levert
This document provides an overview of the Microsoft Graph and how it can be used by SharePoint developers. It discusses how the Graph provides a single endpoint for accessing data from Office 365 through REST APIs. It covers authentication, permissions, and exploring the Graph through tools like the Graph Explorer. It also demonstrates how to retrieve and modify data from the Graph using various approaches like REST calls, SDKs, and webhooks. Finally, it discusses extending the Graph through open extensions and schema extensions.
SharePoint Fest Seattle 2017 - Everything your need to know about the Microso...Sébastien Levert
The document introduces the Microsoft Graph API and how it can be used by SharePoint developers. It provides an overview of the Graph and how it provides a single endpoint for accessing data and insights from Office 365 through various permissions and authentication methods. It also demonstrates how to make HTTP requests to the Graph and explore it using tools like Postman, SDKs, and code examples in languages like C#, JavaScript, and PowerShell.
Similar to Microsoft365_Dev_Security_2024_05_16.pdf (20)
E-commerce Application Development Company.pdfHornet Dynamics
Your business can reach new heights with our assistance as we design solutions that are specifically appropriate for your goals and vision. Our eCommerce application solutions can digitally coordinate all retail operations processes to meet the demands of the marketplace while maintaining business continuity.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Enterprise Resource Planning System includes various modules that reduce any business's workload. Additionally, it organizes the workflows, which drives towards enhancing productivity. Here are a detailed explanation of the ERP modules. Going through the points will help you understand how the software is changing the work dynamics.
To know more details here: https://blogs.nyggs.com/nyggs/enterprise-resource-planning-erp-system-modules/
OpenMetadata Community Meeting - 5th June 2024OpenMetadata
The OpenMetadata Community Meeting was held on June 5th, 2024. In this meeting, we discussed about the data quality capabilities that are integrated with the Incident Manager, providing a complete solution to handle your data observability needs. Watch the end-to-end demo of the data quality features.
* How to run your own data quality framework
* What is the performance impact of running data quality frameworks
* How to run the test cases in your own ETL pipelines
* How the Incident Manager is integrated
* Get notified with alerts when test cases fail
Watch the meeting recording here - https://www.youtube.com/watch?v=UbNOje0kf6E
Artificia Intellicence and XPath Extension FunctionsOctavian Nadolu
The purpose of this presentation is to provide an overview of how you can use AI from XSLT, XQuery, Schematron, or XML Refactoring operations, the potential benefits of using AI, and some of the challenges we face.
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Łukasz Chruściel
No one wants their application to drag like a car stuck in the slow lane! Yet it’s all too common to encounter bumpy, pothole-filled solutions that slow the speed of any application. Symfony apps are not an exception.
In this talk, I will take you for a spin around the performance racetrack. We’ll explore common pitfalls - those hidden potholes on your application that can cause unexpected slowdowns. Learn how to spot these performance bumps early, and more importantly, how to navigate around them to keep your application running at top speed.
We will focus in particular on tuning your engine at the application level, making the right adjustments to ensure that your system responds like a well-oiled, high-performance race car.
GraphSummit Paris - The art of the possible with Graph TechnologyNeo4j
Sudhir Hasbe, Chief Product Officer, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
Hand Rolled Applicative User ValidationCode KataPhilip Schwarz
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
Preparing Non - Technical Founders for Engaging a Tech AgencyISH Technologies
Preparing non-technical founders before engaging a tech agency is crucial for the success of their projects. It starts with clearly defining their vision and goals, conducting thorough market research, and gaining a basic understanding of relevant technologies. Setting realistic expectations and preparing a detailed project brief are essential steps. Founders should select a tech agency with a proven track record and establish clear communication channels. Additionally, addressing legal and contractual considerations and planning for post-launch support are vital to ensure a smooth and successful collaboration. This preparation empowers non-technical founders to effectively communicate their needs and work seamlessly with their chosen tech agency.Visit our site to get more details about this. Contact us today www.ishtechnologies.com.au
4. EUROPEAN COLLABORATION SUMMIT
Agenda
About
• Me
Authentication
• SP Rest vs Graph
• SSO
• Credential
Handling
• Secure Config
Handling
Managed
Identities
• Permissions
SPFx & 3rd
party API
• MSGraphClient
• AadHttpClient
• Domain isolated?
Permission
Scope
• App
• Delegated
• RSC
Summary
• Wrap up
• Resources
• Q&A
5. EUROPEAN COLLABORATION SUMMIT
• Markus Moeller
• Microsoft 365 Developer Expert
• Microsoft MVP
• Microsoft 365 & Power Platform
Community (PnP) team member
• Avanade Germany
• @moeller2_0
• https://mmsharepoint.wordpress.com
• Proud dad of 1 (4yrs)
• Cancer fighter
About me
6. EUROPEAN COLLABORATION SUMMIT
Authentication
▪ SPFx
▪ User context login est.
▪ “No need to care for”
▪ MSGraphClient
▪ Prepped ServicePrincipal
▪ Tenant-Wide access
▪ AadHttpClient
▪ Prepped ServicePrincipal
▪ Tenant-Wide access (to backend process only)
▪ “Other” app
▪ Context ID / bootstrap token → SSO
▪ MSAL2
▪ App individual access
▪ More effort
8. EUROPEAN COLLABORATION SUMMIT
Azure Key Vault
▪ Read/Write from Application
▪ Access via Code or SecretUri reference in App Service Config
▪ Auth via Secret Endpoint / Managed Identity
▪ Azure App Config Service btw a similar service for less sensitive values
▪ Read / Write access possible (user config)
9. EUROPEAN COLLABORATION SUMMIT
Managed Identities
▪ Can simply be added to “any” Azure resource
▪ No credential / secret / key management
▪ User Managed Identities to be shared with several resources
▪ NO multi-tenant
▪ (Graph) permissions to be applied via code (PS, Rest, …)
▪ To ServicePrincipal only
▪ UI? Not possible…
▪ PowerShell?
▪ Rest?
▪ Azure CLI the potential leanest way
12. EUROPEAN COLLABORATION SUMMIT
3rd party Api access
▪ In SPFx: MSGraphClient, AadHttpClient
▪ Prefer: AadHttpClient !!!
▪ No anonymous access in Azure Functions / Apps
▪ Restrict client-side to “hide” buttons
▪ Restrict server-side to really prevent access
▪ Domain-isolated web parts?
13. EUROPEAN COLLABORATION SUMMIT
Enable Auth for Azure Function
[FunctionName("WriteListItem")]
public static async Task<IActionResult> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "get", "post", Route = null)]
HttpRequest req, ILogger log) { ...
16. EUROPEAN COLLABORATION SUMMIT
Delegated vs App permissions
User Delegated
▪ Access to resources of a kind “the user” has
access to
▪ User access needs to be granted
▪ Eventually “Create”, too
▪ User login / token needed for operations
Application
▪ Access to ALL resources of a kind
▪ Access without a user
▪ Unattended processes
▪ Can be partially limited by “.Selected” (RSC)
17. EUROPEAN COLLABORATION SUMMIT
Use delegated permissions
▪ Benefit from user login / context / SSO
▪ Grant users access to all data / resources needed
▪ Users should be able to create resources and take ownership
▪ Do you really think your app is the only one that can treat your data / resources in the right
manner?
18. EUROPEAN COLLABORATION SUMMIT
If app permissions needed
▪ Use LOWEST permissions possible
▪ Try to restrict by resource specific consent (RSC)
▪ MAXIMIZE restriction to your app
▪ Limit access to appId to small # of programmers / admins
▪ Take care of code base
19. EUROPEAN COLLABORATION SUMMIT
RSC (resource specific consent)
▪ One app creates (with higher privileges) resource
▪ Teams Team, SharePoint Site
▪ Enables other app(s) on this one
▪ App permission Sites.Selected + selected resource
20. EUROPEAN COLLABORATION SUMMIT
RSC
Sites
App based
Sites.FullControl
App based
Sites.Selecte
d
Delegated
CEO personal site [ ]
Homesite [ ] [ ]
Intranet sites [ ] [ ]
Collaboration sites [ ] [ ]
22. EUROPEAN COLLABORATION SUMMIT
RSC – Side by side
https://graph.microsoft.com/v1.0/sites/5333d91a-756e-
4b65-a0b7-3be8b35d7ddf,ee4302ef-c5fb-4e9e-963f-
0d1d4aaaaabd/permissions/<perm-id>
{
...
"value": [
{ "id": "aTowaS50fG1zL....",
"roles": [
"write"
],
"grantedToIdentitiesV2": [
{
"application": {
"displayName": "spoRSCApplication",
"id": "26e871b9-54bc-4d3c-b062-607e64b9e48d"
}
}
],
...
}
]
}
https://graph.microsoft.com/v1.0/sites/caf3e616-82a6-
4847-8949-a9ef59e2dccd,ee4302ef-c5fb-4e9e-963f-
0d1d4aaaaabd/permissions/<perm-id>
{
"@odata.context":
"https://graph.microsoft.com/v1.0/$metadata#sites('caf3
e616-82a6-4847-8949-a9ef59e2dccd%2Cee4302ef-c5fb-
4e9e-963f-0d1d4aaaaabd')/permissions",
"value": []
}
With selected permissions Without selected permissions
23. EUROPEAN COLLABORATION SUMMIT
RSC – 2024 I
SharePoint: Sites.Selected with delegated scope
▪ App still needs Sites.Selected permissions to site
o But SCA can grant this (code needed!)
▪ Additionally user needs any kind of access
▪ First step towards … no more (app based) Sites.FullControl.All
25. EUROPEAN COLLABORATION SUMMIT
RSC – Q2 / 2024
▪ Q2 ??
▪ SharePoint: Application Site Creation without Sites.FullControl.All
▪ Sites.Create.All
▪ More granular RSC permissions also coming around
26. EUROPEAN COLLABORATION SUMMIT
Summary – Key takeaways
▪ Security is a moving target
▪ Always challenge: Least privilege
▪ Sample code / snippets simplify to demonstrate
▪ (Mine, too!!!) Always challenge before taking into Prod
▪ AI doesn’t help here so far
▪ Security usually makes dev more complex
▪ Convince your client, more effort → More security
▪ Nevertheless, there is great functionality/tools out there
▪ Get to know them → NOW!
▪ RSC esp with SharePoint becoming a gamechanger in 2024 …
27. EUROPEAN COLLABORATION SUMMIT
Resources
▪ M365 Development Security - From full trust to ZeroTrust (pnp.github.io)
▪ Speaker's blog
▪ On this specific topic
▪ Azure CLI the potential leanest way
▪ Azure Key Vault
▪ SharePoint: Application Site Creation without Sites.FullControl.All
28. EUROPEAN COLLABORATION SUMMIT
THANK YOU,
YOU ARE AWESOME
PLEASE RATE THIS SESSION
IN THE MOBILE APP.
Questions?
Now, or later …:
Markus Moeller
@moeller2_0
https://mmsharepoint.wordpress.com