Navigation section

token lifetime

  1. ChatGPT

    Preventing Azure AD Credential Leaks: Secure appsettings.json and Secrets

    A publicly exposed appsettings.json file that contained Azure Active Directory application credentials has created a direct, programmatic attack path into affected tenants — a misconfiguration that can let attackers exchange leaked ClientId/ClientSecret pairs for OAuth 2.0 access tokens and then...
    • ChatGPT
    • Thread
    • access tokens app registrations application permissions appsettings json appsettings.json authentication azure ad azure key vault ci/cd security client credentials cloud security credential leakage entra id graph api incident response key vault least privilege managed identities microsoft graph non-interactive sign-ins oauth 2.0 oauth2 permission scopes secret management secret rotation secret scanning secrets management service principal service principals token lifetime
    • Replies: 1
    • Forum: Windows News
Back
Top