blog.atwork.at

news and know-how about microsoft, technology, cloud and more.

Unlocking Secrets: The Key Vault Role You Need

In my use of Azure Key Vault with code and flows with Managed Identities, I moved to role-based access control (RBAC) to manage access to secrets and certificates. However, I encountered a problem when using the Key Vault Reader” role as it denied me the required access to secret content. This experience highlighted the importance of understanding the specific roles within Azure Key Vault, and I want to share this insight to help others avoid similar pitfalls.

Use Delegate365 with Privileged Identity Management (PIM)

In today’s digital landscape, managing privileged access to applications is crucial for maintaining security and compliance. Microsoft Entra Privileged Identity Management (PIM) offers a robust solution to manage, control, and monitor access within your organization. In this guide, we’ll walk you through the process of configuring Microsoft Entra PIM for your application, Delegate365, ensuring that only authorized users can access it through a security group.

Why Only Users Can Apply Sensitivity Labels in Microsoft 365

Sensitivity labels in Microsoft 365 are a crucial feature for organizations to protect and manage their data. These labels allow organizations to classify and safeguard sensitive information based on its level of confidentiality. By applying sensitivity labels, organizations can control access, encrypt data, apply policies, and track and monitor on sensitive information. Users can apply sensitivity labels to classify and protect their data. However, applications unfortunately cannot currently assign sensitivity labels.

Grant permissions to the GT365 app

Our Governance Toolkit 365 (GT365) provides information and automation solutions for a Microsoft 365 tenant. In order to use the functions, this app must be approved by an administrator. In addition, new solutions are constantly being added. Some of these also require new permissions. You can find out how you as an administrator can grant and renew these permissions here.

Retrieve User PIM Role Assignments and History with Microsoft Graph REST API

Microsoft Entra Privileged Identity Management (PIM) allows administrators to manage role assignments efficiently, ensuring that users have the necessary permissions only when needed. By following a few simple steps, administrators can make users eligible for specific roles, activate roles as required, and manage both built-in and custom roles. This process enhances security by minimizing the duration and scope of privileged access, making it a crucial tool for maintaining a secure and compliant environment. In this article, we explore how to read a user's Microsoft Entra roles and history using PIM and the Microsoft Graph REST API.

Impact of the CrowdStrike Windows 10 BSOD

As reported in most media, we would like to inform you about a global outage caused by a erroneous software update from cybersecurity company CrowdStrike today, on July 19th. This Endpoint security solution is used in many organizations that caused Windows 10 computers to crash. See how to resolve this if your Windows computer is affected by the CrowdStrike update.

List Flows as Admin V2 API endpoint

A year ago, Microsoft announced the Transition to List Flows as Admin V2 action from deprecated List Flows as Admin action” for Power Automate. Well, we were using the old API endpoint until it stopped working recently. It took some time until we found workarounds or a successor. Also the PnP modules still are using the old API, and the endpoint address is currently not documented on any Microsoft website. Find it here!

GT365-Team deep links no longer work in v2 client

Microsoft is rolling out the new Teams v2 client. This is now a Single Page Application (SPA), which means generated deep links no longer work. Unfortunately, this also affects the GT365 solution 09 and 11, e.g. to open the settings of a team and the management of members with a button. Here you can find out why this is the case and what workarounds are possible.

Enhance your Copilot with Graph Connector relevance tuning

Utilizing Graph connectors simplifies the process of incorporating your data into Microsoft 365 search and Microsoft 365 Copilot, enhancing your experience with seamless integration. A fresh addition to Copilot’s capabilities is the Relevance Tuning feature, that significantly enhances Copilot's functionality.

Azure Logic Apps Toolbox 10-Dynamic access to keys and values ​​in a JSON object

In Azure Logic Apps, looping through objects is a common requirement. When we have prior knowledge of an object’s properties, the process is straightforward. However, things get more challenging when attempting to access properties dynamically. See a method to access data in a JSON object dynamically here.