Month: October 2024
Register for the .NET Conf 2024 12 -14 Nov and the .NET Student Zone 18 & 19th Nov
What is the .NET Conf Student Zone?
Career advice
Logistics
Session 1
Sneak peek of the sessions
How to prepare
Join live or watch later
Microsoft Releases New Cloud Licensing Graph API in Beta
Cloud Licensing Aims to Make Microsoft 365 Licensing Data Easier to Access
Microsoft 365 licensing is much more complicated than it was even a few years ago. Microsoft’s page detailing product names and identifiers for licensing includes a CSV file with details of the various licenses. As of August 19, 2024, the CSV includes 555 different licenses and 714 individual service plans. To be clear, a license is a product (SKU) that Microsoft sells to customers, like Office 365 E3. A service plan is a licensable component within a product. For instance, Microsoft 365 E5 includes 86 service plans spanning everything from Mesh Avatars for Teams to Microsoft Defender for Identity.
The permutations and combinations of valid licenses that can be assigned to individual user accounts can slow down license processing. The Graph defines assigned licenses as a resource type and includes methods to list license details and assign licenses (including license removal or disablement of individual service plans). These methods have been available for several years and can also be called using Microsoft Graph PowerShell SDK cmdlets like Set-MgUserLicense (here’s an example).
Cloud Licensing Graph API
Administrative consoles like the Microsoft 365 admin center call the Graph APIs to list and assign licenses. Some of the sections of the console that deal with licenses are not particularly quick when fetching and displaying information, and this is what might be leading Microsoft to cloud licensing, a new Graph API currently in beta. The description for cloud licensing says that it “improves license management by breaking down licenses from various subscriptions into smaller, manageable pools called allotments. The association of licenses to their unique subscriptions enables more granular accounting and reporting for an organization.”
Cloud licensing includes the usageRight resource type to fetch information about the licenses and service plans available to user accounts and to the groups used for group-based assignment.
Retrieving Usage Rights
For example, here’s how to list the usage rights available to a group used for group-based assignment. The results show that licenses for 3 products are granted. Anyone receiving licenses through this method has usage rights to the services covered by the licenses.
$Uri = "https://graph.microsoft.com/beta/groups/ebe02ef6-c696-4cdb-92d1-011a6c2a02d2/cloudlicensing/usagerights"
$Data = Invoke-MgGraphRequest -Uri $Uri -Method GET | Select-Object -ExpandProperty Value
$Data

Name                           Value
----                           -----
services                       {EXCHANGE_S_FOUNDATION, Microsoft Stream}
skuPartNumber                  STREAM
id                             lotmbw4kyvnj36bhtnji6lftbjgddctboeksk3gct4iz3eku3zq4
skuId                          1f2f344a-700d-42c9-9427-5cea1d5d7ba6
services                       {EXCHANGE_S_FOUNDATION, DYN365_CDS_VIRAL, FLOW_P2_VIRAL}
skuPartNumber                  FLOW_FREE
id                             l2zmjxukqup5r7lgtib563ftbnocbw3veqacc6gd35iytrkvtj2z
skuId                          f30db892-07e9-47e9-837c-80727f46fd3d
services                       {PURVIEW_DISCOVERY, EXCHANGE_S_FOUNDATION, BI_AZURE_P0}
skuPartNumber                  POWER_BI_STANDARD
id                             l6tyltw2qbpmtllcr5lm42hdb4gcldrfefkgioed35kztriazjyz
skuId                          a403ebcc-fae0-4ca2-8c8c-7a907fd6c235
This command finds the usage rights available to a user account. Note that the URI requires the user account identifier. You cannot refer to the user account by its user principal name.
$Uri = "https://graph.microsoft.com/beta/users/aff4cd58-1bb8-4899-94de-795f656b4a18/cloudLicensing/usageRights"
$Data = Invoke-MgGraphRequest -Uri $Uri -Method GET | Select-Object -ExpandProperty Value

Name                           Value
----                           -----
services                       {COPILOT_STUDIO_IN_COPILOT_FOR_M365, M365_COPILOT_SHAREPOINT, GRAPH_CONNECTORS_COPILOT, M365_COP…
skuPartNumber                  Microsoft_365_Copilot
id                             inwf6tzow4n4v6f4cr6pyldtbfgcgwr7q6utok5dqi3ytjsyquwf
skuId                          639dec6b-bb19-468b-871c-c5c441c4b0cb
…
The usage rights data returned by the request is exactly the same as can be retrieved through the licenseDetails resource type (or the Get-MgUserLicenseDetail cmdlet, as used in the Microsoft 365 licensing report script, which covers both direct and group-based assignments):
$Uri = "https://graph.microsoft.com/beta/users/eff4cd58-1bb8-4899-94de-795f656b4a18/licenseDetails"
$Data = Invoke-MgGraphRequest -Uri $Uri -Method GET | Select-Object -ExpandProperty Value
$Data

Name                           Value
----                           -----
servicePlans                   {COPILOT_STUDIO_IN_COPILOT_FOR_M365, M365_COPILOT_SHAREPOINT, GRAPH_CONNECTORS_COPILOT, M365_COP…
skuPartNumber                  Microsoft_365_Copilot
id                             PzFitvwUokOaetLif080eGvsnWMZu4tGhxzFxEHEsMs
skuId                          639dec6b-bb19-468b-871c-c5c441c4b0cb
Some of the documented uses don’t work. For example, this command should find if the specified user account has a usage right for Teams:
$Uri = "https://graph.microsoft.com/beta/users/aff4cd58-1bb8-4899-94de-795f656b4a18/cloudLicensing/usageRights?`$filter=services/any(c:c/planId eq 57ff2da0-773e-42df-b2af-ffb7a2317929)"
However, any attempt to find usage rights with a filter against a specific service plan results in a 403 forbidden error. Some of the error text refers to a private preview, so this command might not yet be available in the wild.
Puzzled by the Cloud Licensing API
I’m puzzled by the new API because I don’t know what extra Microsoft wants to achieve from usage rights over the current licensing APIs. It might be that a usage right is a faster way to look up whether a user account has the license required to access a feature. This would be especially valuable in large tenants where hundreds of thousands of licenses might be present. It could also be that allotments of licenses could be managed by administrative units or geographies in a multi-geo Microsoft 365 tenant to enable more granular control over license allocation and spend.
All of this is guesswork. In time, no doubt Microsoft will explain the value and intent of the Cloud Licensing API (platform), usage rights, and allotments.
retention logs on a specific entity
Hello,
Do you know if there is a way to extend the retention of logs in Defender for a specific entity?
Thank you,
Feature request – note field for AAGUID
Dear Microsoft Team,
I am writing to request a feature enhancement for MS Entra. Specifically, it would be highly beneficial to have a note field associated with each enabled AAGUID. Currently, it is challenging to identify the device corresponding to each AAGUID.
Adding this feature would greatly improve the usability and management of devices within MS Entra.
Thank you for considering this request. I look forward to your response.
Best regards,
Martin
Deploy Streamlit on Azure Web App
Streamlit is an open-source app framework that enables the creation of data-driven web applications with minimal coding. It’s particularly popular for machine learning and AI-related projects, as it allows developers to easily create interactive dashboards directly from Python scripts.
This tutorial will guide you through the process of deploying a Streamlit application locally and on an Azure Web App, including considerations for memory usage during deployment.
TOC:
Hosting in Development Environment
Hosting in Azure Web App
Module and Memory Usage
References
Hosting in Development Environment
To run a Streamlit application in your local development environment, follow these steps:
STEP 1:
Use VSCode to open an empty folder. Start a terminal and input the following commands to create a Python virtual environment and switch the current session to this environment.
Windows
python -m venv .venv
.\.venv\Scripts\Activate.ps1
Linux
python -m venv .venv
source .venv/bin/activate
STEP 2:
Enter the pip command to install streamlit and create a file named “app.py”. Run another command to start the local server hosting the project. You will then be able to visit the project page in your browser at http://127.0.0.1:8501.
# Install Streamlit
pip install streamlit
# Launch server after app.py has been created
python -m streamlit run app.py
Hosting in Azure Web App
To deploy your Streamlit application on Azure Web App, follow these general steps:
STEP 1:
Create a Linux Python Web App on Azure.
STEP 2:
Using VSCode, add two files, “streamlit.sh” and “.deployment”, to the root directory of your project.
streamlit.sh
pip install streamlit
python -m streamlit run app.py --server.port 8000 --server.address 0.0.0.0
.deployment
[config]
SCM_DO_BUILD_DURING_DEPLOYMENT=false
STEP 3:
Deploy the root directory of the project to the Python app you just created using VSCode.
STEP 4:
On Azure, find the Python app and modify the startup command as follows, then restart the app.
bash /home/site/wwwroot/streamlit.sh
STEP 5:
Check if your project is running correctly.
Module and Memory Usage
Although Streamlit itself can be installed via a simple pip command (pip install streamlit), it has several dependencies related to AI and machine learning libraries. These dependencies may consume a significant amount of memory, especially during the deployment process and when running your Streamlit application.
If your application process is unexpectedly terminated, or you encounter an Exit Code 137, this usually indicates that your Web App has run out of available memory. In such cases, consider upgrading to a higher SKU with more memory to ensure smooth deployment and operation.
References
Azure Linux Web App and http server – Microsoft Community Hub
Deploy Mkdocs page on Azure Web App – Microsoft Community Hub
Install Streamlit using command line – Streamlit Docs
Troubleshoot Python function apps in Azure Functions | Microsoft Learn
python – Azure Function Exit code: 137 | Please review your requirements.txt – Stack Overflow
Assistance Required: Microsoft Viva Engage Native Mode Upgrade Failure (ID: MV906775)
Hello everyone,
I’ve recently received an email from Microsoft with the subject “Microsoft Viva Engage Native Mode upgrade failed in your tenant” (ID: MV906775). However, I’m struggling to understand the issue and couldn’t find any clear details in the Microsoft 365 admin portal.
The email mentioned the following:
The network was upgraded to Native Mode but certain pre-conditions prevented the upgrade from being completed.
It referenced previous communication (Message center post MC424414) regarding the upgrade from Non-Native Mode or hybrid Networks to Native Mode to align with Azure AD and Microsoft 365.
As this issue needs action from my end to proceed with the upgrade, could someone help me with:
What specific pre-conditions could cause this upgrade failure?
How can I identify and resolve these issues in my tenant?
If any previous users encountered this, what steps did you take to fix the issue?
Any guidance would be greatly appreciated. Thank you in advance for your help!
Best regards,
Janak Khadka
Microsoft Learn, course variety: this is Microsoft's official free online learning platform. It offers a large amount of learning content related to Microsoft products and technologies, covering Azure, Windows, Office, Dynamics, Power Apps, Teams and many other products and services. The courses come in a variety of formats, including documentation, video tutorials and hands-on exercises.
Validating your request. This may take several minutes
I am trying to download the Windows Insider ARM64 version. Yesterday I tried to download it 3 times, waiting over 40 minutes each time, and today I tried two times, waiting over an hour each time. That is 4-5 hours of “Validating your request. This may take several minutes”. Help me! Just validate the request. I need this virtual machine ASAP.
Untag (disassociate) phone number to the Microsoft Developer Program
Hi all, I am seeking help to un-tag my phone number used to sign-up for the Microsoft Developer Program.
The sign-up failed as the account does not have the correct eligibility.
I have deleted the Profile.
Then I tried to use another account to sign-up.
However, I got the message “Your phone number is already associated with an existing developer account.”
Thus, I need to use the same phone number for another account.
Does anyone know what to do about this?
Highly appreciate the help!
i phone trash
Why does trash come back after deleting on my iPhone outlook mail?
thank you
TIMMY 2 TOES
How to create Pivoted Table in Sharepoint List
Hello everyone, is there any way we can create a new list as a pivoted table from another list, the same as in an Access database or SQL Server admin? Thank you.
Unlocking next-generation AI capabilities with healthcare AI models
Microsoft has announced the launch of healthcare AI models, a collection of cutting-edge multimodal medical imaging foundation models available in the Microsoft Azure AI model catalog. Developed in collaboration with Microsoft Research and strategic partners, these AI models are specifically designed for healthcare organizations to test, fine-tune, and build AI solutions tailored to their specific needs, all while minimizing the extensive compute and data requirements typically associated with building multimodal models from scratch.
Learn more here!
Unlocking next-generation AI capabilities with healthcare AI models – Microsoft Industry Blogs
Microphone is not working properly.
My microphone is not working properly. I can hear them but they can’t hear me.
Spam in inbox getting out of control
Lately, Outlook (Hotmail) has been failing miserably at filtering spam from our inboxes. Instead of going to spam, they remain in our inbox.
A particularly annoying trend is the influx of emails that include the word “insurance” in either the subject line or the sender’s name. This surge has made it nearly impossible for users to effectively manage unwanted messages.
Adding a custom filter falls flat due to the convoluted hierarchy and structure of these emails. Users are left frustrated because flagging these messages does nothing to help; the sender’s name constantly changes, rendering any filtering attempt useless.
To make matters worse, the default setting when reporting the message as spam now blocks the sender, but this approach is utterly ineffective. Since many of these spam emails come from various addresses, blocking one sender simply opens the floodgates to more spam from another. This not only fails to solve the problem but also eats up our quota for blocked senders, leaving us with even fewer options to combat the spam invasion.
It’s becoming painfully clear that Microsoft is once again tone-deaf to the needs of its users. The lack of effective spam filtering is not just frustrating—it’s infuriating. It’s high time for a solution that actually addresses the issues we face.
IF TODAY Equation Not Calculating Properly
I am trying to mark whether the asset or link has expired and return yes or no but they are not calculating properly. When I try to go into the formula editor to see where the error could be, I just see “Volatile”.
Equations:
Column M references another sheet in the workbook: =XLOOKUP(K2, Assets_Path, Assets_Expiration)
Column N: =IF(I2<TODAY(),"Yes", "No")
Column O: =IF(M2<TODAY(),"Yes","No")
Column P: =IF(AND(I2<TODAY(), M2<TODAY()), "Yes", "No")
Column Q (Used just to see if the TODAY function was working): =TODAY()
I have made sure that the referenced cells in column M, column I, and the result in column M are all date format and I’ve tried using the NOW() function instead but got the same result. I have also tested the equations on items that are not expired and received the same results as in the screenshot.
I’m sure the solution is right in front of me but I can’t figure it out.
End-to-End Full-Stack Web Application with Azure AD B2C Authentication: A Complete Guide
Application Overview
The purpose of this sample application is to demonstrate the usage of Azure Active Directory B2C (Azure AD B2C) for authentication and authorization in a full-stack web application with a React frontend (deployed as Azure Static Web App), a backend API written in Express (deployed as an Azure App Service) that connects to a SQL database. The CI/CD pipelines are set up using GitHub Actions to automate the build and deployment processes.
Application Architecture
The source code for this application is available at: naveedkharadi/swa-nodejs-sql (github.com)
Here is the application architecture diagram:
This diagram shows the components involved in the application:
Azure Static Web Apps: Hosts the React frontend application and provides a URL for accessing the application.
Azure Web Apps: Hosts the Express backend API and provides a URL for accessing the API.
Azure SQL Database: Stores the data for the application, which is accessed by the backend API.
Azure AD B2C: Handles the authentication and authorization for the application, allowing users to sign in and access the application.
GitHub Actions: Provides CI/CD pipelines for automating the build and deployment processes.
The app architecture with regards to app registrations is illustrated in the following diagram: (source: Microsoft Docs)
Prerequisites
Azure Subscription:
An active Azure subscription is required to deploy the application to Azure services such as Azure Static Web Apps and Azure Web Apps.
Azure AD B2C Tenant:
An Azure AD B2C tenant is required for handling authentication and authorization.
App registrations for the frontend and backend need to be created in the Azure AD B2C tenant.
Policies for sign-in and sign-up should be configured in the Azure AD B2C tenant. For this application, a user flow named B2C_1_Sign_Up_Sign_In has been used.
Node.js and npm:
Node.js and npm (Node Package Manager) should be installed on your local development machine.
These are required to run and build the React frontend and Express backend.
Azure CLI (optional):
Azure CLI should be installed and configured on your local machine.
This is used for deploying the application to Azure and managing Azure resources.
GitHub Account:
A GitHub account is required to use GitHub Actions for CI/CD.
The repository should be hosted on GitHub to leverage GitHub Actions workflows.
Visual Studio Code:
Visual Studio Code (VS Code) is recommended for editing and managing the project files.
Extensions for Azure and GitHub integration can be helpful.
GitHub Account:
Create a GitHub account if you don’t have one.
Clone the repository to your local machine using git clone https://github.com/naveedkharadi/swa-nodejs-sql.git.
Visual Studio Code:
Install Visual Studio Code.
Recommended extensions:
Azure Account
Azure App Service
Azure Static Web Apps
Azure SQL Database:
An Azure SQL Database is required to store the data for the application. For the purpose of this demo, the free tier of Azure SQL Database can be used.
The database schema and initial data can be set up using the SQL scripts provided in the 1-database directory.
Folder Structure
.github/workflows/: Contains GitHub Actions workflows for CI/CD.
azure-static-web-apps-delightful-pebble-0bec84b00.yml: Workflow for deploying the React frontend to Azure Static Web Apps.
main_swa-api-sql-api.yml: Workflow for deploying the Express backend to Azure Web Apps.
src/: Contains the source code for the application.
1-database/: Contains SQL scripts for setting up the database.
setup.sql: SQL script for setting up the database schema and initial data.
2-api/: Contains the Express backend code.
api.js: Main Express application file.
package.json: Node.js dependencies and scripts for the backend.
3-swa/: Contains the React frontend code.
build/: Directory containing the built React application.
public/: Public assets for the React application.
src: Source code for the React application.
package.json: Node.js dependencies and scripts for the frontend.
Key Components
Backend (Express)
Environment Variables: For local development and testing, the backend uses environment variables defined in .env for database connection and authentication configuration. In production, these environment variables are set in the Azure portal or using the Azure CLI.
Database Connection: The backend connects to a SQL database using the mssql package.
Authentication: The backend uses JWT for authentication, with keys fetched from Azure AD B2C.
API Endpoints:
GET /employees: Fetches a list of employees from the database.
GET /employees/id: Fetches a single employee by ID from the database.
POST /employees: Adds a new employee to the database.
Frontend (React)
Environment Variables: For local development and testing, the frontend uses environment variables defined in .env for MSAL (Microsoft Authentication Library) configuration and API root URL. In production, these environment variables are set in the GitHub Actions workflow.
MSAL Configuration: The frontend is configured to use MSAL for authentication with Azure AD B2C.
Build Process: The React application is built using npm run build, which outputs the built files to the build/ directory.
CI/CD Workflows
Azure Static Web Apps (Frontend)
Workflow File: azure-static-web-apps-delightful-pebble-0bec84b00.yml
Workflow Steps Explained:
Checkout the repository.
Setup Node.js.
Install npm packages and build the React application.
Deploy the built application to Azure Static Web Apps using the Azure/static-web-apps-deploy@v1 action.
Azure Web Apps (Backend)
Workflow File: main_swa-api-sql-api.yml
Workflow Steps Explained:
Checkout the repository.
Setup Node.js.
Install npm packages and build the Express application.
Zip the built application.
Upload the artifact for deployment.
Deploy the application to Azure Web Apps using the azure/webapps-deploy@v3 action.
Authentication Mechanisms
React Frontend
The React frontend uses Microsoft Authentication Library (MSAL) for authentication with Azure AD B2C. Here are the key components involved:
MSAL Configuration:
The configuration for MSAL is defined in src/config.js:
export const msalConfig = {
    auth: {
        clientId: process.env.REACT_APP_CLIENT_ID, // Client ID of the app registration for UI app
        authority: process.env.REACT_APP_AUTHORITY, // <tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/<policy-name>
        redirectUri: process.env.REACT_APP_REDIRECT_URI, // Redirect URI for the app
        knownAuthorities: [process.env.REACT_APP_KNOWN_AUTHORITIES], // <tenant-name>.b2clogin.com
        postLogoutRedirectUri: process.env.REACT_APP_POST_LOGOUT_REDIRECT_URI, // Post-logout redirect URI
    },
};
export const appConfig = {
    apiRootUrl: process.env.REACT_APP_API_ROOT_URL, // E.g. https://<api-app-name>.azurewebsites.net
    loginRequest: {
        scopes: process.env.REACT_APP_SCOPES.split(' '), // E.g. ['openid', 'offline_access', 'https://<tenant-name>.onmicrosoft.com/swa-api-sql-api/Employees.Read', 'https://<tenant-name>.onmicrosoft.com/swa-api-sql-api/Employees.Write']
    },
};
This configuration uses environment variables to set up the client ID, authority, redirect URI, known authorities, and post-logout redirect URI.
Environment Variables:
For local development and testing, the environment variables are defined in the .env file:
REACT_APP_CLIENT_ID=<your-client-id>
REACT_APP_AUTHORITY=https://<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-sign-in-sign-up-policy>
REACT_APP_REDIRECT_URI=<your-frontend-app-url>
REACT_APP_KNOWN_AUTHORITIES=<your-tenant-name>.b2clogin.com
REACT_APP_POST_LOGOUT_REDIRECT_URI=<your-frontend-app-logout-url>
REACT_APP_API_ROOT_URL=<your-backend-app-url>
REACT_APP_SCOPES=<your-scopes>
NOTE: A deployed React app runs in the browser and has no access to a Node.js-style environment at run time, so these environment variables must be provided in the build pipeline using GitHub variables, as you can see in the workflow file (azure-static-web-apps-delightful-pebble-0bec84b00.yml).
Usage in Components:
The MSAL configuration is used in the React components to handle authentication flows, such as login, logout, and token acquisition.
Express Backend
The Express backend uses JWT (JSON Web Tokens) for authentication, with keys fetched from Azure AD B2C. Here are the key components involved:
JWT Middleware:
The backend uses the express-jwt and jwks-rsa packages to validate JWT tokens. Since AD B2C uses key rotation, the keys are fetched dynamically from the JWKS endpoint.
The middleware is configured in api.js:
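// Assumes express-jwt v7 or later, which exports expressjwt;
// earlier versions export the middleware function directly.
const { expressjwt: jwt } = require('express-jwt');
const jwksRsa = require('jwks-rsa');

// Validates the bearer token on each request against the B2C signing keys.
const authenticateToken = jwt({
    secret: jwksRsa.expressJwtSecret({
        cache: true,      // cache signing keys between requests
        rateLimit: true,  // limit how often the JWKS endpoint is queried
        jwksUri: `https://${config.b2cTenant}.b2clogin.com/${config.b2cTenant}.onmicrosoft.com/${config.b2cPolicy}/discovery/v2.0/keys`
    }),
    audience: `${config.audience}`,
    issuer: `https://${config.b2cTenant}.b2clogin.com/${config.tenantId}/v2.0/`,
    algorithms: ['RS256'] // accept only RS256-signed tokens
});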
audience is the client ID of the API application (which can be obtained from the app registration).
issuer is the issuer URL for the B2C tenant.
jwksUri is the URL for the JWKS endpoint to fetch the keys. This can be obtained from the B2C metadata endpoint which is available at https://<tenant-name>.b2clogin.com/<tenant-name>.onmicrosoft.com/<policy-name>/v2.0/.well-known/openid-configuration.
Environment Variables:
The environment variables are defined in the .env file (example below):
AUTHORITY=<your-tenant-name>.b2clogin.com/<your-tenant-name>.onmicrosoft.com/<your-sign-in-sign-up-policy>
CLIENT_ID=<your-client-id>
NOTE: When you deploy the application to an Azure App Service, you need to set these environment variables in the Azure portal or using the Azure CLI.
Protected Routes:
The authenticateToken middleware is used to protect routes, ensuring that only authenticated users can access them.
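The following is an added example, not code from the article or its repository. It spells out the checks that the middleware configuration above asks for (algorithm allowlist, key lookup by kid, signature, issuer, audience, expiry) using only Node's crypto module, and goes one step further with a per-route scope check. The tenant name, GUIDs, kid and key pair are constructed, and the space-separated scp claim carrying names such as Employees.Read is an assumption about the access token.

```javascript
// Added example. Tenant, client ID and key are constructed; no network access is needed.
const crypto = require('crypto');

// Constructed stand-ins for the values api.js takes from its config.
const EXPECTED = {
  issuer: 'https://contoso.b2clogin.com/00000000-0000-0000-0000-000000000000/v2.0/',
  audience: '11111111-1111-1111-1111-111111111111',
  algorithms: ['RS256'],
};

// Local RSA key pair standing in for a B2C signing key. The JWKS carries only
// the public half, selected by "kid".
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const JWKS = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'demo-key-1', use: 'sig' }] };

const b64url = (value) => Buffer.from(value).toString('base64url');

// Test helper: issues a token the way the identity provider would.
function signToken(claims, header = { alg: 'RS256', typ: 'JWT', kid: 'demo-key-1' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(claims))}`;
  const sig = header.alg === 'RS256'
    ? crypto.sign('sha256', Buffer.from(input), privateKey).toString('base64url')
    : ''; // unsigned token, used to exercise the algorithm allowlist
  return `${input}.${sig}`;
}

function decodePart(part) {
  const value = JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
  if (value === null || typeof value !== 'object') throw new Error('not an object');
  return value;
}

// Checks, in order: structure, algorithm allowlist, key lookup by kid,
// signature, issuer, audience, expiry.
function verifyToken(token, jwks, expected, now) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'malformed' };
  let header;
  let claims;
  try {
    header = decodePart(parts[0]);
    claims = decodePart(parts[1]);
  } catch (err) {
    return { ok: false, reason: 'malformed' };
  }
  // Reject "none", HS256 and anything else before a key is even selected.
  if (!expected.algorithms.includes(header.alg)) return { ok: false, reason: 'algorithm' };
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) return { ok: false, reason: 'unknown kid' };
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  const signed = Buffer.from(`${parts[0]}.${parts[1]}`);
  if (!crypto.verify('sha256', signed, key, Buffer.from(parts[2], 'base64url'))) {
    return { ok: false, reason: 'signature' };
  }
  if (claims.iss !== expected.issuer) return { ok: false, reason: 'issuer' };
  if (![].concat(claims.aud).includes(expected.audience)) return { ok: false, reason: 'audience' };
  if (typeof claims.exp !== 'number' || claims.exp <= now) return { ok: false, reason: 'expired' };
  return { ok: true, claims };
}

// Authorization on top of authentication: a valid token is 401-free, but it
// still needs the scope the route requires (assumed to be in "scp").
function authorize(token, requiredScope, now = Math.floor(Date.now() / 1000)) {
  const result = verifyToken(token, JWKS, EXPECTED, now);
  if (!result.ok) return { status: 401, reason: result.reason };
  const scopes = typeof result.claims.scp === 'string' ? result.claims.scp.split(' ') : [];
  if (!scopes.includes(requiredScope)) return { status: 403, reason: 'missing scope' };
  return { status: 200, reason: 'ok' };
}

// Constructed tokens covering the accept path and each rejection path.
function demo(now = 1700000000) {
  const base = { iss: EXPECTED.issuer, aud: EXPECTED.audience, exp: now + 300, scp: 'Employees.Read' };
  const good = signToken(base);
  const [h, , s] = good.split('.');
  const widened = b64url(JSON.stringify({ ...base, scp: 'Employees.Read Employees.Write' }));
  return {
    read: authorize(good, 'Employees.Read', now),
    write: authorize(good, 'Employees.Write', now),
    tampered: authorize(`${h}.${widened}.${s}`, 'Employees.Write', now),
    unsigned: authorize(signToken(base, { alg: 'none', typ: 'JWT' }), 'Employees.Read', now),
    otherApi: authorize(signToken({ ...base, aud: '22222222-2222-2222-2222-222222222222' }), 'Employees.Read', now),
    otherIssuer: authorize(signToken({ ...base, iss: 'https://example.invalid/v2.0/' }), 'Employees.Read', now),
    expired: authorize(signToken({ ...base, exp: now - 1 }), 'Employees.Read', now),
    unknownKid: authorize(signToken(base, { alg: 'RS256', typ: 'JWT', kid: 'rotated-out' }), 'Employees.Read', now),
  };
}

console.log(demo());
```

A token issued for a different API registration in the same tenant passes the signature and issuer checks, which is why the audience check matters; a read-only token reaching POST /employees is the case the scope check covers.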
Application Execution Setup
Install Dependencies:
Navigate to the frontend directory (3-swa) and run npm install.
Navigate to the backend directory (2-api) and run npm install.
Environment Variables:
Create a .env file in both the frontend and backend directories.
Add the necessary environment variables as specified in the README.md.
Build and Run the Application Locally:
Build the React frontend using npm run build in the 3-swa directory.
Run the Express backend using npm start in the 2-api directory.
Deploy to Azure:
Use the Azure CLI to deploy the frontend to Azure Static Web Apps. For example:
az staticwebapp create --name <app-name> --resource-group <resource-group-name> --location <location> --sku Free --app-location <frontend-directory>
Use the Azure CLI to deploy the backend to Azure Web Apps. For example:
az webapp up --name <app-name> --resource-group <resource-group-name> --location <location> --sku F1 --runtime "NODE|14-lts"
Set Up CI/CD:
Configure GitHub Actions workflows for CI/CD.
Create secrets & variables in the GitHub repository settings.
Update the workflow files with the necessary environment variables.
Test the Application:
Test the application by accessing the deployed frontend URL.
Verify that the authentication and data retrieval functionalities are working as expected.
Additional Resources
Azure Static Web Apps Documentation
Azure Web Apps Documentation
Azure AD B2C Documentation
MSAL for JavaScript Documentation
Configure a sample SPA app
Source code: naveedkharadi/swa-nodejs-sql (github.com)
Revolutionizing Healthcare: De-identification Service in Azure Health Data Services
This blog has been authored by Kimia Mavon.
Machine learning and analytics are increasingly used to improve health outcomes, enhance patient and clinician experiences, and optimize organizational performance within healthcare systems. The foundation of these solutions is data, which continues to grow at an unprecedented rate, particularly in unstructured documentation. Healthcare organizations seeking to leverage this data for machine learning, analytics, or other uses outside of clinical care may be required to de-identify health information of patients. However, manual de-identification of unstructured patient health records is both time-consuming and expensive. Moreover, many automated methods fall short of meeting the stringent requirements of healthcare data privacy, rendering them inadequate to support medical advancements.
Today, Microsoft is excited to offer a new de-identification service in Azure Health Data Services, empowering organizations to securely de-identify clinical data while preserving its clinical relevance and adhering to the strict standards of the HIPAA privacy rule.
The de-identification service consists of three operations, “TAG,” “REDACT,” and “SURROGATE.” The surrogation feature maximizes the balance between privacy and utility by replacing PHI elements with realistic surrogates. This process generates synthetic, de-identified data that closely resembles the original data and enables analytics and machine learning models to interact with de-identified, realistic data, found in production environments or at inference.
The de-identification service enables healthcare organizations to leverage their data in a de-identified format to:
Train private machine learning models, including generative models, with de-identified data.
Develop analytics dashboards to drive data-driven decision-making.
Generate synthetic test data to troubleshoot difficult-to-reproduce issues in test environments.
Facilitate data sharing across collaborating institutions, fostering the creation of extensive datasets and unlocking opportunities for clinical research and discoveries.
Conduct longitudinal studies to assess the predictive value of risk factors on diseases without revealing patient data.
Organizations across the healthcare spectrum can benefit from the de-identification service, with early adopters already planning to leverage the service to help advance some of their most prominent use cases.
A collaborative research group between Professors David Eyre (Professor of Infectious Diseases), Big Data Institute and Dominic Furniss (Professor of Plastic and Reconstructive Surgery), Nuffield Department of Orthopedics, Rheumatology and Musculoskeletal Sciences, at the University of Oxford, has been investigating de-identification services to support clinical research for the United Kingdom’s National Health Services (NHS) and has recommended the AHDS de-identification service for its performance protecting NHS patient data.
Doctors Rachel Kuo and Andrew Soltan are developing multimodal foundation models aimed at advancing medical diagnostics and treatment in Plastic and Reconstructive Surgery and Oncology. Doctors Kuo and Soltan work closely with patient partners and require robust de-identification for both patients and researchers. Large volumes of clinical data are required to train models, and automated, efficient de-identification is essential for scaling data availability. By first de-identifying the vast amounts of clinical data needed to train these models, Doctors Kuo and Soltan ensure patient privacy and protect the models against memorization attacks by obfuscating the training data so the model cannot reveal patient identifiers.
At Microsoft, we strive to empower healthcare providers, payors, scientists, and life sciences companies by accelerating their data and AI journey while maintaining a strong commitment to patient privacy.
Learn more about the service: Quickstart – Deploy the de-identification service (preview) in Azure Health Data Services | Microsoft Learn
Try it out: Health De-Identification Services – Microsoft Azure
Microsoft Cloud for Healthcare is helping your organization shape a healthier future with data and AI
We are excited to strengthen our data and AI investments through the Microsoft Cloud for Healthcare. Our healthcare solutions are built on a foundation of trust and Microsoft’s Responsible AI principles. Through these innovations, we are making it easier for our partners and customers to create connected experiences at every point of care, empower their healthcare workforce, and unlock the value from their data using data standards that are important to the healthcare industry.
Learn more:
Read more about Azure Health Data Services
Explore Microsoft Cloud for Healthcare.
After adding photos to Power Point Photo Album previous photos corrupted
I created a PowerPoint photo album with some photos, edited some pictures (made some corrections, added texts, cropped), and saved them.
Then I added some more pictures through the edit photo album option and clicked update. After updating, the previously edited pictures are corrupted. A few pictures were not added. In the edit window, some pictures are showing properly in the preview, but in the slide show they do not appear properly.
Kindly suggest how to repair the corrupted pictures.
Tech Talks presents: Power Automate cloud flows best practices
Join us on Thursday, October 24 at 8am PT as Reza Dorrani, Principal Program Manager, Power CAT, and Rasika Chaudhary, Principal Program Manager, Power CAT, present ‘Power Automate cloud flows best practices’.
Call to Action:
Click on the link to save the calendar invite: https://aka.ms/TechTalksInvite
View past recordings (sign in required): https://aka.ms/TechTalksRecording
New episode: Windows in the Cloud – Leadership Spotlight: Melissa Grant, Windows Marketing
Tune in on October 24th for a new episode of Windows in the Cloud: Leadership Spotlight: Melissa Grant, Windows Marketing.
On this episode, we have an exciting interview with Senior Director of Windows Marketing, Melissa Grant. Gain unique insights on the evolution of Windows moving to the cloud. Get a peek at what to expect at Microsoft Ignite 2024. Don’t miss an engaging and informative discussion that might change the way you think about the future of Windows in the cloud and AI.
Windows in the Cloud is an easy way to get up to speed on the latest features, functionality, and future roadmap for Windows 365. Windows in the Cloud offers an up-close look at configuring, deploying, and managing Cloud PCs — focusing on demos and real-world best practices so that you can learn what you need to know and get on your way.
Catch more Windows in the Cloud at https://aka.ms/WindowsInTheCloud.
Have questions? Bring them to our next Windows 365 AMA! Visit https://aka.ms/AMA/WindowsInTheCloud for upcoming dates and times.