-

May 21, 2026

Gowtham K

⏱︎

Read time:

4–5 minutes

Configure Password Expiration Policy in Azure AD B2C Using Organization Password Policy

Azure AD B2C

Introduction: By default, local accounts in Azure AD B2C are often configured with the DisablePasswordExpiration policy, which prevents passwords from expiring. While this behavior simplifies user experience, many organizations require periodic password rotation to align with internal security standards and…
Read More →: Configure Password Expiration Policy in Azure AD B2C Using Organization Password Policy
May 12, 2026

Gowtham K

⏱︎

Read time:

7–10 minutes

Securing .NET 8 MVC Sessions with Microsoft Entra ID: Cookies, ID Tokens, and max_age

Microsoft Entra ID

Introduction: In a .NET 8 server-side MVC application integrated with Microsoft Entra ID, a common requirement is to force the user session to time out after 60 minutes. At first glance, this looks simple: configure the local application cookie to…
Read More →: Securing .NET 8 MVC Sessions with Microsoft Entra ID: Cookies, ID Tokens, and max_age
May 4, 2026

Gowtham K

⏱︎

Read time:

3–5 minutes

Implementing Secure Session Timeout in Azure AD B2C

Azure AD B2C

Introduction: Before diving into application session management in Azure AD B2C, let’s consider a real-world scenario. You have a .NET web application integrated with Azure AD B2C for authentication, and your security requirement is straightforward:The user session must automatically expire…
Read More →: Implementing Secure Session Timeout in Azure AD B2C
March 11, 2026

Gowtham K

⏱︎

Read time:

4–6 minutes

Azure AD B2C Custom Policy – Preventing Email Change After Verification in the Password Reset Flow

Azure AD B2C

Introduction: his article explains how to hide the “Change Email” (Change Claims) button that appears in the Azure AD B2C forgot password flow when using Display Controls for email verification. We recommend you to read the Azure AD B2C custom…
Read More →: Azure AD B2C Custom Policy – Preventing Email Change After Verification in the Password Reset Flow
February 24, 2026

Gowtham K

⏱︎

Read time:

6–9 minutes

Email Address Validation Before Sending Verification Code in Azure AD B2C Password Reset Flow

Azure AD B2C

Introduction: In a standard Azure AD B2C password reset flow, when a user clicks “Forgot your password?” they are presented with an email verification screen. The user enters their email address and clicks “Send verification code.” At this point, the…
Read More →: Email Address Validation Before Sending Verification Code in Azure AD B2C Password Reset Flow
February 19, 2026

Gowtham K

⏱︎

Read time:

6–9 minutes

Implementing User Exists Validation on Send Verification Code in Azure AD B2C Custom Policy

Azure AD B2C

Introduction: During sign-up in Azure AD B2C, users must provide an email address and verify it before creating an account. A common requirement is to check whether the email address already exists in the directory and show an error message…
Read More →: Implementing User Exists Validation on Send Verification Code in Azure AD B2C Custom Policy
December 15, 2025

Gowtham K

⏱︎

Read time:

5–7 minutes

Implementing Microsoft Graph API with Managed Identity in Azure App Service

Microsoft Entra ID

Introduction: In modern cloud-native applications, managing credentials and secrets has always been a significant security challenge. Traditional approaches require storing client secrets in configuration files, which poses security risks even when using secret management systems. Microsoft Azure’s Managed Identity feature…
Read More →: Implementing Microsoft Graph API with Managed Identity in Azure App Service
October 27, 2025

Gowtham K

⏱︎

Read time:

3–4 minutes

Migrating .NET in-process Azure Functions to the isolated model

Azure

Introduction: With Microsoft announcing the retirement of the .NET in-process Azure Functions model by November 10, 2026, it’s time for developers to start planning their migration to the isolated worker model. The in-process model has served well for years, but…
Read More →: Migrating .NET in-process Azure Functions to the isolated model
October 23, 2025

Gowtham K

⏱︎

Read time:

4–5 minutes

Fixing Blazor Server reconnects behind Azure Application Gateway (WebSocket issue)

Application Gateway, Azure

Introduction: Recently, I faced an interesting challenge while deploying a .NET Blazor Server application in an IIS Windows Server that sits behind an Azure Application Gateway. The app appeared to load fine at first, but after about 20 seconds, it…
Read More →: Fixing Blazor Server reconnects behind Azure Application Gateway (WebSocket issue)
October 14, 2025

Gowtham K

⏱︎

Read time:

4–6 minutes

Your API Can’t Be a Model Context Protocol (MCP)

AI, MCP

Introduction: In the world of AI-powered applications, it’s easy to assume that exposing your existing APIs to an LLM magically turns them into a Model Context Protocol (MCP) server. After all, both provide endpoints and functions, right? If you’ve been…
Read More →: Your API Can’t Be a Model Context Protocol (MCP)

Configure Password Expiration Policy in Azure AD B2C Using Organization Password Policy

Securing .NET 8 MVC Sessions with Microsoft Entra ID: Cookies, ID Tokens, and max_age

Implementing Secure Session Timeout in Azure AD B2C

Azure AD B2C Custom Policy – Preventing Email Change After Verification in the Password Reset Flow

Email Address Validation Before Sending Verification Code in Azure AD B2C Password Reset Flow

Implementing User Exists Validation on Send Verification Code in Azure AD B2C Custom Policy

Implementing Microsoft Graph API with Managed Identity in Azure App Service

Migrating .NET in-process Azure Functions to the isolated model

Fixing Blazor Server reconnects behind Azure Application Gateway (WebSocket issue)

Your API Can’t Be a Model Context Protocol (MCP)

Gowtham Kumar

Latest Posts

Configure Password Expiration Policy in Azure AD B2C Using Organization Password Policy

Securing .NET 8 MVC Sessions with Microsoft Entra ID: Cookies, ID Tokens, and max_age

Implementing Secure Session Timeout in Azure AD B2C

Categories

Tags