0

I'm interested in documenting which registered AAD/B2C applications are using:

Question

  1. What approaches should I take (ideally log focused) to collect and report on what is running in my enterprise?
  2. Is there any way to determine which SDK (and version of the SDK) is used for the various authentication flows? (and which flow)

(PS Product team, is there any way I can have this result integrated in the portal :) )

CMEdge
  • 103
  • 11
  • Hi, any other concern about the reply? – Joy Wang May 19 '20 at 06:34
  • Hi @JoyWang, I have many applications owned by many different teams, and all the source code might be managed by different source control systems. I need to figure out all the above information (sdk version, auth endpoint (version), graph endpoint (version)) only from the logs. – CMEdge May 19 '20 at 13:43
  • Which `logs` do you mean? audit logs in Azure AD? – Joy Wang May 20 '20 at 01:30

1 Answers1

1

What approaches should I take (ideally log focused) to collect and report on what is running in my enterprise?

Not sure what you mean, the AD App can use both v1.0 and v2.0 endpoints, it's up to you. Previously, as mentioned in the link you provided, the versions of AD App are different, it was decided by where was it created. But now the App Registration Portal was deprecated, all the AD App registered in Azure portal are v2.0 version. And the app can use both v1.0 and v2.0 endpoints.

Is there any way to determine which SDK (and version of the SDK) is used for the various authentication flows? (and which flow)

Usually, the doc will tell you.

e.g. https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-net-migration#confidential-client-applications

enter image description here

Also, you can judge it with the parameters which the SDK method requires. e.g. the method needs client_id, client_secret, scope, tenant_id, and it doesn't need the user to involve, obviously it uses the client credential flow.

Joy Wang
  • 39,905
  • 3
  • 30
  • 54