posted on July 09, 2024, last updated on Saturday, November 23, 2024 at 10:51 AM

Manage identity and access

Groups

Memberships

  • Assigned - manually assigned
  • Dynamic user - users are automatically assigned based on the user’s attributes
  • Dynamic device - devices are automatically assigned based on the device’s attributes

Diagram showing how access management in Microsoft Entra ID works.

Assignments

  • Direct assignment
  • Group assignment - an Entra group is assigned to the resource, which automatically gives all of the group members access to the resource
  • Rule-based assignment
  • External authority assignment - assigns a group to provide access to the resource and then the external source manages the group members

Key Points to Master

OAuth2

  • Understand the different grant types and their use cases.
  • Learn how to implement the OAuth2 flow in client and server applications.
  • Know how to secure and manage access tokens.
  • Familiarize yourself with common OAuth2 libraries and tools.

OIDC

  • Understand how OIDC builds on OAuth2 to provide identity verification.
  • Learn the structure and usage of ID tokens.
  • Implement OIDC in client applications to obtain user identity information.
  • Understand the security considerations and best practices.

SAML

  • Understand the SAML assertion and its components.
  • Learn how to configure and manage identity providers and service providers.
  • Familiarize yourself with SSO implementations using SAML.
  • Understand the security considerations and best practices.

Entra ID

  • Learn how to register and manage applications in Entra ID.
  • Understand how to configure Entra ID for OAuth2, OIDC, and SAML.
  • Know how to use Entra ID for user authentication and authorization in various applications.
  • Understand the security features and best practices for Entra ID.