GitHub Azure AD OIDC Authentication

A walk through of how to authenticate between GitHub Actions and Azure AD without having to store secrets and instead using OIDC.

🔎 Looking for content on a particular topic? Search the channel. If I have something it will be there!

▬▬▬▬▬▬ C H A P T E R S ⏰ ▬▬▬▬▬▬
0:00 – Introduction
0:47 – How authentication used to work
1:47 – Using OIDC
5:21 – GitHub identity token and exchange for AAD access token
8:08 – Types of subject
11:15 – AAD app registration
13:42 – Using azure/login
15:22 – Adding federated credential
18:20 – Storing required values and using in GitHub
19:44 – App roles
20:10 – Summary

▬▬▬▬▬▬ K E Y L I N K S 🔗 ▬▬▬▬▬▬
► Whiteboard:
🔗 https://github.com/johnthebrit/RandomStuff/raw/master/Whiteboards/GitHubOIDCAuthentication.png
► GitHub OIDC authentication:
🔗 https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect#configuring-the-oidc-trust-with-the-cloud
► GitHub to AAD OIDC authentication:
🔗 https://learn.microsoft.com/azure/developer/github/connect-from-azure?tabs=azure-portal%2Cwindows
► AAD OIDC authentication:
🔗 https://learn.microsoft.com/azure/active-directory/workload-identities/workload-identity-federation-create-trust?pivots=identity-wif-apps-methods-azp

▬▬▬▬▬▬ Want to learn more? 🚀 ▬▬▬▬▬▬
📖 Recommended Learning Path for Azure
🔗 https://learn.onboardtoazure.com
🥇 Certification Content Repository
🔗 https://github.com/johnthebrit/CertificationMaterials
📅 Weekly Azure Update
🔗 https://youtube.com/playlist?list=PLlVtbbG169nEv7jSfOVmQGRp9wAoAM0Ks
☁ Azure Master Class
🔗 https://youtube.com/playlist?list=PLlVtbbG169nGccbp8VSpAozu3w9xSQJoY
⚙ DevOps Master Class
🔗 https://youtube.com/playlist?list=PLlVtbbG169nFr8RzQ4GIxUEznpNR53ERq
💻 PowerShell Master Class
🔗 https://youtube.com/playlist?list=PLlVtbbG169nFq_hR7FcMYg32xsSAObuq8
🎓 Certification Cram Videos
🔗 https://youtube.com/playlist?list=PLlVtbbG169nHz2qfLvPsAz9CnnXofhmcA
🧠 Mentoring Content
🔗 https://youtube.com/playlist?list=PLlVtbbG169nGHxNkSWB0PjzZHwZ0BkXZZ
❔ Questions? Maybe I answered it in my FAQ
🔗 https://savilltech.com/faq.html
👕 Cure Childhood Cancer Charity T-Shirt Channel Store
🔗 https://johns-t-shirts-store.creator-spring.com/

👂 I have manually updated the captions to be as accurate as possible. Enable the subtitles and from there you can translate to your native language via the auto-translate feature in settings! https://youtu.be/v5b53-PgEmI for a demo of using this feature.

SUBSCRIBE ✅ https://www.youtube.com/channel/UCpIn7ox7j7bH_OFj7tYouOQ?sub_confirmation=1

#microsoft #azure #johnsavillstechnicaltraining #onboardtoazure #cloud