Kubernetes Dashboard with Azure AD OAuth and Let’s Encrypt on AKS


In this post I want to show you how to protect your Kubernetes Dashboard through an OAuth 2 authentication with Azure AD as identity provider and Let’s Encrypt certificates. I’m using OAuth 2 Proxy together with the NGINX Ingress Controller to authenticate my Azure AD account against the Kubernetes Dashboard. For issuing the Let’s Encrypt …

Read more

Granting Azure AD Admin Consent Programmatically

Azure Graph API

Some Azure API permissions requires admin consent, which can be granted through the Azure portal. However, sometimes it’s needed to grant such consent programmatically, especially when creating service principals via IaC. Requirements for Granting Admin Consent To be able to grant admin consent, the Azure AD role “Application Administrator” is required. To grant admin consent …

Read more

Azure AD Passwordless Sign-In with FIDO2 Security Keys

Yubikey 5 NFC

In this post I want to show you, how to use the Azure AD passwordless sign-in with FIDO2 security keys, such as Yubikeys. When using Yubikeys, make sure you are using a Yubikey 5, as Yubikey 4 only supports FIDO U2F, which is not supported for passwordless sign-in. Go to the Azure AD Authentication methods …

Read more