It’s been an interesting week setting up to demo… security tokens. Azure AD does a wonderful job of doing the heavy lifting for you. ADAL is very nice. I reflect back on Geneva and earlier efforts and we have come so far as an industry.
But it’s demo time and how do you show JWT tokens flying around. If it’s a screen pop of the Windows Account login, of Multifactor Authentication asking for your text message code, sure easy. Once you have a bearer token cached though, what’s to show. Click on app, app opens. Wanna see a security audit log?
It’s hard being the server guy. When you do things right, things just work and no one complains.