openid connect

About this tag
OpenID Connect (OIDC) is an authentication standard that plays a key role in modern identity federation and cloud security. On WindowsForum.com, discussions cover Microsoft Entra External ID adding OIDC support for external identity federation, enabling organizations to integrate standards-based authentication. The nOAuth vulnerability in Microsoft Entra ID highlights risks in OIDC implementations, emphasizing the need for secure configuration. Additionally, OIDC is used to federate Azure DevOps with AWS for secure CI/CD pipelines, eliminating static credentials. Microsoft's phase-out of legacy authentication in Microsoft 365 further underscores the shift toward modern protocols like OIDC. These threads explore OIDC's role in enterprise security, identity management, and cross-cloud integration.
  1. Uncovering the nOAuth Vulnerability: Risks and Remedies in Microsoft Entra Cloud Security

    Microsoft’s cloud ecosystem continues to underpin enterprise digital transformation—yet the discovery and persistence of the nOAuth vulnerability within Entra-integrated applications shines a harsh light on lingering risks at the intersection of identity management, software-as-a-service, and...
  2. nOAuth Vulnerability: The Hidden Threat Endangering 15,000+ SaaS Apps and How to Protect Your Enterprise

    A critical authentication flaw within Microsoft’s Entra ID ecosystem continues to threaten tens of thousands of enterprise applications worldwide, illustrating a profound challenge for the current state of SaaS security two years after its discovery. The vulnerability, dubbed “nOAuth,” first...
  3. Microsoft Phases Out Legacy Authentication in Microsoft 365 by July 2025 for Enhanced Security

    Microsoft is drawing a definitive line under the era of legacy authentication protocols in Microsoft 365, setting the stage for a monumental shift in security posture across its cloud ecosystem. Starting from mid-July 2025, Microsoft will begin enforcing new default settings that block legacy...
  4. Microsoft Entra External ID Adds OpenID Connect Support for Seamless External Identity Federation

    Microsoft is continuing its evolution of cloud-based identity management with the unveiling of OpenID Connect (OIDC) identity provider support for Entra External ID—a move poised to fundamentally reshape the way organizations blend security, scalability, and user experience in authentication...
  5. Federate Azure DevOps with AWS Using OpenID Connect for Secure CI/CD

    In the modern age of CI/CD (Continuous Integration and Continuous Deployment), achieving seamless integration between tools used across cloud and development ecosystems is crucial. Azure DevOps, a powerful platform supporting continuous delivery pipelines, now offers a game-changing capability...