Learn how to implement secure authentication between GitHub Actions and Azure Active Directory using OpenID Connect (OIDC) in this comprehensive video tutorial. Explore the evolution from traditional secret-based authentication to modern OIDC methods, understanding the benefits and implementation details. Discover how to leverage GitHub identity tokens, exchange them for Azure AD access tokens, and configure various subject types. Follow step-by-step instructions on setting up Azure AD app registration, using the azure/login action, and adding federated credentials. Gain insights into storing and utilizing required values in GitHub, and learn about app roles for enhanced security. Master the art of seamless and secure authentication between GitHub and Azure AD without the need for storing sensitive secrets.
Overview
Syllabus
- Introduction
- How authentication used to work
- Using OIDC
- GitHub identity token and exchange for AAD access token
- Types of subject
- AAD app registration
- Using azure/login
- Adding federated credential
- Storing required values and using in GitHub
- App roles
- Summary
Taught by
John Savill's Technical Training
Related Courses
-
Manage identity and access in Microsoft Entra ID
-
Passwordless Authentication Between GitHub and Azure Using Federated Credentials
-
Demystifying Azure AD, JWTs & OIDC
-
Azure Master Class - Identity
-
Azure DevOps Workload Identity Federation with Azure - No More Secrets
5.0 -
Abusing OIDC Authentication for Cloud Security Vulnerabilities
