Identity and Access Management, Identity Governance

When doing a git commit on two different versions of git I noticed that the commit message generated by git was different. In the newer versions, post 2024 versus older git versions like 2.30.x from 2020/2021 the merge strategy in git is different. Git Merge Commit uses a Recursive Strategy algorithm for performing merges. In newer versions of Git, e.g., 2.47.0 in November 2024 uses Optimized Recursive strategy (ORT). In earlier version of Git, e.g., 2.30.1 used Recursive Strategy. Example: The git message would be like "Merge made by 'ort' strategy (version 2.47.0) ORT strategy in git merge is an optimized version of the Recursive strategy where it identifies a merge base but employs an enhanced or more efficient algorithm for applying changes and resolving conflicts.  Recursive strategy in git merge can sometimes lead to complex conflict resolutions, especially when branches have diverged significantly.  Recursive strategy may also be slower due to its more extensive co...

Tools to Trace OIDC Artifacts and Flows Browser Developer Tools : The Network tab in your browser's developer tools (DevTools) is one of the easiest ways to trace HTTP requests, including those involved in OIDC authentication. You can see: The request to Okta's authorization endpoint (for the /authorize request). The redirect back to your app with the code (authorization code). The request to Okta's token endpoint (to exchange the authorization code for an access token and ID token). The response that contains the tokens (JWTs). If you look at the network activity during login, you'll see the various redirects, HTTP requests, and responses. This is helpful for understanding the different stages of the OIDC flow. Postman : Postman can be very useful for manually simulating the OIDC flow. You can configure requests for: The /authorize endpoint to initiate the login flow. The /token endpoint to exchange the authorization code for tokens. This allows you to interact w...

When downloading the JDK (Java Development Kit), one is presented by different types of installers, e.g., MSI installer, or the compressed archive version or the plain Installer version. See screenshot that shows the three types of installers available. Which one you would choose depends on whether you want the JDK for your personal Development environment or for your team/enterprise. See below brief explanations for the type of installer. Note, the screenshot shows the versions available for Windows Operating System. URL to download the JDK , Java SE Development Kit  https://www.oracle.com/java/technologies/downloads/#jdk21-windows (a) If you are an individual developer then choose the second option of "x64 Installer". This is an exe file (for Windows as shown in below screenshot) that launches the installation wizard which is straight forward. (b) However, if you need an installer for your team environment or enterprise then choose the "x64 MSI Installer". This in...

Account in Active Directory (AD) and account in Azure AD (AAD) Here AD is being referred to as the on-premise AD and  Azure AD (AAD) is the cloud based Active Directory. Here are two scenarios of user accounts.   The AAD user accounts are called as M365 accounts that are required to access MS services in the cloud, like M365 tenants, Exchange online mailboxes etc. Scenario: You only have Azure AD account, and an Exchange online mailbox. In this scenario how are the credentials synced. There is no syncing. Azure AD account acts as the single identity source for accessing both Azure AD and Exchange Online. The Azure AD account is the authoritative source for your identity and credentials. When you are assigned an Exchange Online mailbox, it is linked to your existing Azure AD account. Your Azure AD credentials (username, password) are used to authenticate and access both  Azure AD and your Exchange Online mailbox. There is no synchronization of credentials happening because...