Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify Publisher of Azure AD Application (MSAL SSO) #245

Open
Kazzan opened this issue Jan 3, 2023 · 2 comments
Open

Verify Publisher of Azure AD Application (MSAL SSO) #245

Kazzan opened this issue Jan 3, 2023 · 2 comments

Comments

@Kazzan
Copy link

Kazzan commented Jan 3, 2023

Summary of the new feature / enhancement

Hi, currently the Azure AD Application record for PowerShell Gallery "PowerShell Gallery [PROD]" is not published by verified publisher "Microsoft Corporation". The standard recommendation of Microsoft Defender for Clous Apps (MDCA), the OAuth Apps Review marks this application as possible fake impersonating Microsoft.

Proposed technical implementation details (optional)

This should be improved by signing this MSAL SSO integration for AAD (or even personal MSA accounts) to make this application more trustworthy.
@SydneyhSmith
Copy link
Contributor

Thanks @Kazzan we will take a look into this

@sassdawe
Copy link

sassdawe commented Oct 8, 2023

Hi @SydneyhSmith, I just ran into this myself and it's a bit concerning to be honest. Thanks!

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sassdawe @Kazzan @SydneyhSmith