Topic reference
Protocols, tokens, sign-in flows, federation patterns, and the backend mechanics behind authentication systems.
Most recent
An operator's guide to onboarding a custom domain to Microsoft 365 and configuring SPF, DKIM, and DMARC — including the seven anti-patterns that break enterprise mail, a verification command toolkit, and the cutover sequence that prevents delivery incidents.
Read the article →All articles in this topic
Outlook keeps prompting for credentials in a loop, the user enters the right password, the prompt comes back. Walk the modern auth check, credential manager state, MFA enrolment, broken WAM token cache, and the registry keys that resolve the persistent loop.
An engineer-level rollout plan for Microsoft 365 multifactor authentication using Conditional Access, Authentication Strength policies, staged user rings, and exception handling for service accounts and B2B.
An engineering explanation of access, refresh, and ID token lifetimes in Microsoft Entra, how revocation actually propagates, and what Continuous Access Evaluation (CAE) changes for CAE-capable clients.
A technical guide to Password Hash Synchronization, Pass-Through Authentication, and federation with AD FS or PingFederate, centered on where validation really happens.
A technical guide to SAML, WS-Federation, OAuth 2.0, and OpenID Connect, focused on trust transfer, actor roles, and what the backend is validating.
A technical guide to Kerberos, NTLM, LDAP bind, passkeys, certificate-based authentication, and Windows Hello for Business, focused on what each method proves and how the backend validates it.
A technical guide to the major authentication protocols and sign-in models used in Microsoft environments, including Kerberos, NTLM, LDAP bind, SAML, WS-Federation, OAuth 2.0, OpenID Connect, passkeys, certificate-based authentication, AD FS, and Microsoft Entra sign-in models.
A detailed technical guide to Microsoft Entra Primary Refresh Token failures on Windows, including dsregcmd analysis, device trust, broker behavior, network dependencies, and remediation design.
A technical guide to Microsoft Entra passkeys for administrators, including passkey types, registration flows, Authentication Methods policy, Conditional Access, and deployment design.
An engineering-level explanation of access tokens and refresh tokens in Microsoft Entra ID, including token ownership, lifetime, renewal, revocation, and common troubleshooting patterns.
A top-to-bottom engineering explanation of how Microsoft Entra Conditional Access evaluates scope, combines controls, and influences token issuance.
Browse other topics