PL 400: Design authentication and authorization strategy (Part 1)

This article is a continuation of my PL 400 preparation. All information and images are taken from Microsoft doc or community. This effort is part of learning and sharing.

Security is an essential component of software. Nowadays, since entire processes and services run on the cloud, authentication and authorization are highly important as it enables organizations to keep their networks secure by allowing only authenticated users (or processes) to access their protected resources, including Computer systems may include networks, databases, websites and other network-based applications or services.

By definition, Authentication is:

the process or action of verifying the identify of User or Process.
and Authorization means :

Authorization is a security mechanism to determine access levels or user/client privileges related to system resources including files, services, computer programs, data and application features.

Microsoft Power Platform is a line of business intelligence, app development, and app connectivity software application. All of the Power Platform tools rely on the Azure Active Directory identity services for user accounts and licensing. Administrators therefore use the standard Azure tools, such as Microsoft 365 admin center, for user account maintenance and license assignment. 





The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks.

  • Single sign-on simplifies access to your apps from anywhere.
  • Conditional Access and multi-factor authentication help protect and govern access.
  • A single identity platform lets you engage with internal and external users more securely.

User Accounts of all of the Microsoft's cloud offerings are stored in a Azure Active Directory (Azure AD) tenant which contains user accounts and groups. Tenant refers to the container in which all your different environments reside. In other words, a tenant is the regional location that contains servers that provide cloud services.

In addition to Azure Active Directory, licensing plays an important role in this process. Licensing is like the first control-gate to allow access to Power Apps components. Access to Power Apps and Power Automate begins with having a license. The type of license the user holds determines what assets and data the user can access.

In the Power Platform, there are five layer of security:

  • Azure AD Conditional Access.
  • Environment Roles
  • Resources Permission for Apps, flows, custom connectors
  • CDS Security Roles 
  • Cross-tenant inbound & outbound restriction to the 300 + connectors to Cloud services, content services, DBs, APIs etc.

Comments

Post a Comment

Popular posts from this blog

Powering Up Your Analytics: Exploring Power Query in Power BI

Image
Data is a valuable asset that has a profound impact on almost every aspect of modern life. Its proper collection, analysis and application can promote innovation, improve efficiency and solve complex challenges in various sectors. In data processing, ETL is a comprehensive process that includes data extraction, transformation, and loading, while Power Query is a specific tool that facilitates the "extract" and "transformation" aspects of ETL, allowing data to be collected and analyzed. Permission is granted to process. And reporting. is ready. It becomes easy to do this. Microsoft's ecosystem of products. Power Query is a data transformation and data preparation engine. Power Query is available in Microsoft Excel and Power BI. Power Query provides a user-friendly and intuitive interface for data professionals and analysts to access and manipulate data from various sources without the need for extensive coding or scripting. It allows users to connect to a wide ra
Read more

Power App Component Overview : Canvas App vs Model-Driven App

Image
The Power Platform is a suite of low-code/No-code tools and technologies developed by Microsoft and Power App is integral component of Power Platform. Power App is platform that enables users to build custom web and mobile applications with a visual interface and minimal coding. The platform support various data sources, including Microsoft 365, Azure Service, and many other, enabling users to integrate and interact with their existing data and systems. In Microsoft's Power Apps, there are two main types of apps that we can create: Canvas Apps: Canvas apps provide a blank canvas where you can design highly customizable applications with a drag-and-drop interface.  Model-Driven Apps: Model-driven apps are built on top of the Dataverse, which provides a set of pre-built data entities and business logic. There are few key technical difference between Canvas App and Model Driven App: During the usability analysis, these high-level technical differences need to be considered. The choi
Read more

Exam PL-400: Microsoft Power Platform Developer

 Create a technical design (10-15%) Validate requirements and design technical architecture design and validate the technical architecture for a solution design authentication and authorization strategy determine whether you can meet requirements with out-of-the-box functionality determine when to use Logic Apps versus Power Automate flows determine when to use serverless computing, plug-ins, or Power Automate determine when to build a virtual entity data source provider and when to use connectors Design solution components design a data model design Power Apps reusable components design custom connectors design server-side components Describe Microsoft Power Platform extensibility points describe Power Virtual Agents extensibility points including Bot Framework skills and Power Automate flows describe Power BI extensibility points including Power BI APIs, custom visuals, and embedding Power BI apps in websites and other applications describe Power Apps portal extensibility points incl
Read more