Categories: External Identities, Identity Governance, Microsoft Entra ID

Enabling cloud SSO for on-prem AD users

Most teams think “cloud SSO for on-prem AD users” is a single checkbox: sync identities to the cloud, and users magically stop seeing prompts. In reality, you’re stitching together two different security worlds: On-prem AD is built around Kerberos, NTLM, LDAP, domain-joined devices, and network locality. Cloud identity (Microsoft Entra ID / Azure AD) is built around OAuth 2.0, OpenID…
Categories: Authentication Methods, External Identities, Microsoft Entra ID, Tenant & Directory Administration

How to set up Entra Connect and Cloud Sync with the right sync engine

Hybrid identity is no longer a “maybe later” project. It is now the default state for most enterprises: on-premises Active Directory still runs many core workloads, while Microsoft Entra ID is the control plane for modern access, Conditional Access, and SaaS. The connector you choose between those worlds determines whether sign-ins are boring (good) or chaotic (bad). When people say “set up…
Categories: Authentication Methods, Conditional Access, External Identities, Microsoft Entra ID

Using custom roles and PIM in Entra ID

Least privilege that actually survives real life

Imagine you’re the person who gets paged when “someone needs admin access right now.” The request is always urgent. The blast radius is always unclear. And the only role that “just works” is usually Global Administrator. That is the default failure mode of identity governance: not because people love risk, but because granularity is hard…
Categories: External Identities, Microsoft Entra ID

Cross-tenant collaboration with B2B guest access

How it actually works, what breaks in the real world, and how to design it like an engineer

Cross-tenant collaboration with Microsoft Entra B2B guest access is the modern answer to an old problem: “How do we let partner users access our apps and data without creating accounts for them?” In plain terms: you grant access to resources in your tenant to external users who authenticate using their…
Categories: External Identities, Identity Governance, Microsoft Entra ID

Handling Rehires: The ‘Duplicate Identity’ Nightmare in HR-Driven Provisioning

The modern enterprise identity landscape balances fluidity with permanence, yet “boomerang” hiring strains the systems built to manage it. HR-driven provisioning, designed to automate the worker lifecycle, often falters during rehire events. When a former employee returns, workflows must reconcile an existing digital footprint or create a new one. Failed correlation results in the “duplicate…
Categories: External Identities, Microsoft Entra ID

Integrating Entra with third-party apps

At 9:07 AM, your helpdesk phone lights up. “Users can’t log into the CRM anymore. It says something about SAML.” The CRM vendor insists nothing changed. Your network team swears the firewall is fine. Meanwhile, executives can’t access customer data. In most modern Windows environments, this failure sits at the intersection of Microsoft Entra ID (formerly Azure AD), third-party SaaS apps…
Categories: External Identities, Microsoft Entra ID

One-time passcode authentication for Azure AD B2B Guest Users

Azure Active Directory (Azure AD) B2B guest users offer a convenient way to grant access to external users without adding them to your core directory. However, ensuring secure authentication for these guests is crucial. One-time passcode (OTP) authentication provides a simple and secure method for B2B guest user access.

OTP Authentication for B2B Guests

When a guest user who cannot be identified…