It's been a rough week for Microsoft users who have first- and third-party apps that rely on Azure Active Directory for authentication. Microsoft has published a root-cause analysis of its issues.

Experts have revealed an Azure AD vulnerability exposing ClientId and ClientSecret in a publicly accessible appsettings.json file ...

Starting in October, Microsoft will enforce multi-factor authentication (MFA) for all Azure resource management actions to protect Azure clients from unauthorized access attempts.

Microsoft announces a passwordless authentication solution for Azure AD on iOS and Android to help fight phishing attacks.

Two cloud development services -- Azure Functions and Azure App Service -- are now available on Azure Stack, which brings cloud functionality to on-premises, hybrid implementations.

Secureworks researchers found what they say is a serious vulnerability in an Azure Active Directory authentication method, but Microsoft says it should not pose a serious risk to users.