{"id":75,"date":"2022-12-26T08:05:00","date_gmt":"2022-12-26T00:05:00","guid":{"rendered":"https:\/\/www.ruianding.com\/blog\/?p=75"},"modified":"2025-03-18T17:43:30","modified_gmt":"2025-03-18T09:43:30","slug":"enable-web-sign-in-with-temporary-access-pass","status":"publish","type":"post","link":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/","title":{"rendered":"Enable Web Sign-in with Temporary Access Pass"},"content":{"rendered":"\n

Overview<\/strong><\/h2>\n\n\n\n

This post will share how to implement Web Sign-in Feature, and this feature will allow the user sign-in Windows with the TAP (Temporary Access Pass).<\/p>\n\n\n\n

As the reminder, the Web Sign-in feature used to be the feature that can support 3rd party federation sign-in and MFA. For example, AAD Joined machine only supports 3rd party IDP with WS-TRUST protocol, and 3rd party such as Google IDP will not able to login Windows due to its federation protocol is SAML2. However, with Web Sign-in feature, user would be able to sign-in since an embedded browser looking window will pop up. And it is different from the normal Windows Sign-in, and the limitation due to the federation protocol will no longer exist.<\/p>\n\n\n\n

Besides, due to Windows Sign-in is considered as non-interactive, and the interactive MFA will not be supported. The web sign-in can also mitigate this limitation, which allows user to do MFA in the embedded browser window.<\/p>\n\n\n\n

However, the bad news is Web Sign-in is not a public released feature and Microsoft Product team has already disabled this private preview feature. Currently, only Temporary Access Pass could be used in order to sign-in windows. Refering below Microsoft Documentation:
What’s new in Windows 10, version 1809 – What’s new in Windows | Microsoft Learn<\/a>\u00a0<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Nevertheless, we still can use the Web Sign-in feature with TAP. The down below sections will provide the instructions to configure the Web Sign-in and TAP.<\/p>\n\n\n\n

\n\n\n\n

1. What is Temporary Access Pass?<\/strong><\/h2>\n\n\n\n

Please refer below Microsoft Documentation for the introduction to TAP.
Configure a Temporary Access Pass in Azure AD to register Passwordless authentication methods – Microsoft Entra | Microsoft Learn<\/a><\/p>\n\n\n\n

Here’s the definition for TAP:<\/strong><\/p>\n\n\n\n

\n

Temporary Access Pass<\/strong> is a time-limited passcode that can be configured for multi or single use to allow users to onboard other authentication methods including passwordless methods such as Microsoft Authenticator, FIDO2 or Windows Hello for Business.<\/p>\n<\/blockquote>\n\n\n\n

TAP could be considered as a strong authentication method such as passwordless. In other words, once the user authenticated via TAP, both primary and secondary authentication will be satisfied. This post will not go into too much detail about other TAP application scenarios. Below is one of the implemation of the TAP. Secure authentication method provisioning with Temporary Access Pass – Microsoft Tech Community<\/p>\n\n\n\n

\n\n\n\n

2. Instructions of Configuring Web Sign-in<\/strong><\/h2>\n\n\n\n

1. Sign-in to the Microsoft Endpoint Manager admin center (Intune Portal).<\/p>\n\n\n\n

2. Select Devices<\/strong> > Configuration profiles<\/strong> > Create profile<\/strong>.<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

3. Choose Windows 10 and later<\/strong> as the Platform; Templates<\/strong> as the Profile type; Custom<\/strong> as the template name. > Click Create<\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

4. Give the policy a Name<\/strong> > Click Next<\/strong><\/p>\n\n\n\n

5. Add the custom rules as below under Configuration settings<\/strong>, add the OMA-URI Settings<\/strong>:<\/p>\n\n\n\n

Name: Web Sign In\nOMA-URI: .\/Device\/Vendor\/MSFT\/Policy\/Config\/Authentication\/EnableWebSignIn\nData Type: Integer\nValue: 1<\/code><\/pre>\n\n\n\n
\"\"<\/figure>\n\n\n\n
6. Assign this policy to the group who has enrolled their devices with Intune. Create the policy, then wait for the policy to apply to the devices. <\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\n\n\n\n
3. Instructions of setting up Temporary Access Pass<\/strong><\/h2>\n\n\n\n
3.1 Enable Temporary Access Pass for your AAD tenant<\/strong><\/h3>\n\n\n\n
1.\u00a0Sign-in to the\u00a0Azure Active Directory<\/strong>. <\/p>\n\n\n\n
2.\u00a0Select\u00a0Security<\/strong>\u00a0Blade >\u00a0Authentication methods<\/strong>\u00a0> Enable the users\/groups that you wants to apply the TAP:\u00a0<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
3.2 Create the Temporary Access Pass<\/strong><\/h3>\n\n\n\n
1.\u00a0Go to\u00a0Users<\/strong>\u00a0Blade > Select the targeted user > Click\u00a0Authentication methods<\/strong>\u00a0>\u00a0Add authentication method<\/strong>\u00a0<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
2.\u00a0Choose\u00a0Temporary Access Pass<\/strong>\u00a0as the method, customize the settings that you want > Then\u00a0Add<\/strong>\u00a0<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
3.\u00a0You will be able to see the TAP after you click Add. <\/p>\n\n\n\n
4.\u00a0Copy & Save<\/strong>\u00a0the Pass for further use.\u00a0<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\n\n\n\n
4.Test the Windows Web Sign-in with your TAP<\/strong><\/h2>\n\n\n\n
1.\u00a0Click\u00a0Sign-in Options<\/strong>\u00a0> Click\u00a0Web Sign-in Icon<\/strong>\u00a0> Click\u00a0Sign-in<\/strong>\u00a0After\u00a0<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
2.\u00a0Enter your Azure AD UPN > Enter the TAP we created on previous steps.\u00a0<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
3.\u00a0Congratulations, you are signed in.\u00a0<\/p>\n\n\n\n
<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
\n\n\n\n
5.Deep Dive<\/strong><\/h2>\n\n\n\n
5.1 Does the PRT contain MFA claim with TAP web sign-in?<\/strong><\/h3>\n\n\n\n
As can be seen below, the once we sign-in with the TAP, our credential type is NGC (Next Generation Credential), which equivalent to WHfB sign-in. And as tested, the PRT contained the MFA claim and user will not be challenged to do MFA anymore. <\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
As mentioned before, once the user authenticated via TAP, both primary and secondary authentication will be satisfied. In this case, we can conclude more that this also applies to Windows Web sign-in using TAP.<\/p>\n\n\n\n
5.2 Can Hybrid Azure AD Joined device use the TAP to sign-in?<\/strong><\/h3>\n\n\n\n
The conclusion is that TAP is not supported for Hybrid Azure AD joined device.<\/p>\n\n\n\n
For HAADJ device, after Intune policy applied to the device, we could also see the Web Sign-in option. However, after the sign-in finished. User will not able to login to windows and it will switch back to the sign-in options UI.<\/p>\n\n\n\n
I suspect that we have done the authentication to AAD via TAP, but we are missing some mechanism with authentication to on-prem Domain Controller\/Kerberos provider since the primary authority for authentication of Hybrid Azure AD join device would still be on-prem DCs.<\/p>\n\n\n\n
Like WHfB, it offers 3 trust types in order to connect authentication between the Cloud AAD and on-prem AD.<\/p>\n\n\n\n
All in all, based on my testing and understanding of device registration, TAP Web sign-in now seems to be unsuitable for hybrid-joined devices because it doesn’t have the same mechanism as WHfB or FIDO2 key which look for on-prem KDC authentication.<\/p>\n","protected":false},"excerpt":{"rendered":"
Overview This post will share how to implement Web Sign-in Feature, and this feature will allow the user sign-in Windows with the TAP (Temporary Access Pass). As the reminder, the Web Sign-in feature used to be the feature that can support 3rd party federation sign-in and MFA. For example, AAD Joined machine only supports 3rd […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[10],"tags":[6,20,21],"class_list":["post-75","post","type-post","status-publish","format-standard","hentry","category-tutorial","tag-drs","tag-ngc","tag-whfb"],"yoast_head":"\nEnable Web Sign-in with Temporary Access Pass - \u6781\u7b80IT\uff5cSimpleIT<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Enable Web Sign-in with Temporary Access Pass - \u6781\u7b80IT\uff5cSimpleIT\" \/>\n<meta property=\"og:description\" content=\"Overview This post will share how to implement Web Sign-in Feature, and this feature will allow the user sign-in Windows with the TAP (Temporary Access Pass). As the reminder, the Web Sign-in feature used to be the feature that can support 3rd party federation sign-in and MFA. For example, AAD Joined machine only supports 3rd […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\" \/>\n<meta property=\"og:site_name\" content=\"\u6781\u7b80IT\uff5cSimpleIT\" \/>\n<meta property=\"article:published_time\" content=\"2022-12-26T00:05:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-03-18T09:43:30+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png\" \/>\n\t<meta property=\"og:image:width\" content=\"751\" \/>\n\t<meta property=\"og:image:height\" content=\"173\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Ruian Ding\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ruian Ding\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\"},\"author\":{\"name\":\"Ruian Ding\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"headline\":\"Enable Web Sign-in with Temporary Access Pass\",\"datePublished\":\"2022-12-26T00:05:00+00:00\",\"dateModified\":\"2025-03-18T09:43:30+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\"},\"wordCount\":889,\"publisher\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"image\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png\",\"keywords\":[\"DRS\",\"NGC\",\"WHFB\"],\"articleSection\":[\"Tutorial\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\",\"url\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\",\"name\":\"Enable Web Sign-in with Temporary Access Pass - \u6781\u7b80IT\uff5cSimpleIT\",\"isPartOf\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png\",\"datePublished\":\"2022-12-26T00:05:00+00:00\",\"dateModified\":\"2025-03-18T09:43:30+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage\",\"url\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png\",\"contentUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png\",\"width\":751,\"height\":173},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.ruianding.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Enable Web Sign-in with Temporary Access Pass\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#website\",\"url\":\"https:\/\/www.ruianding.com\/blog\/\",\"name\":\"Ruian's Tech Troubleshooting Toolbox\",\"description\":\"Debug the World.\",\"publisher\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\"},\"alternateName\":\"\u4e01\u777f\u5b89\u7684\u6280\u672f\u5206\u4eab\u535a\u5ba2\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.ruianding.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b\",\"name\":\"Ruian Ding\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png\",\"contentUrl\":\"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png\",\"width\":284,\"height\":284,\"caption\":\"Ruian Ding\"},\"logo\":{\"@id\":\"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/\"},\"description\":\"I am currently a Support Specialist at NIO, focusing on cloud-related issues for NIO Power. Previously, at Microsoft Entra ID, I specialized in identity and access management (IAM), including device registration, Windows Hello for Business (WHfB), multi-factor authentication (MFA), and single sign-on (SSO). In addition to my core expertise, I have a strong foundation in Active Directory, Servers, Cloud Computing, Network Administration, and Front-end Web Development. This diverse technical skill set enables me to effectively handle a wide range of challenges in a fast-paced IT environment.\",\"sameAs\":[\"https:\/\/www.ruianding.com\"],\"url\":\"https:\/\/www.ruianding.com\/blog\/author\/ruiand\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Enable Web Sign-in with Temporary Access Pass - \u6781\u7b80IT\uff5cSimpleIT","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/","og_locale":"en_US","og_type":"article","og_title":"Enable Web Sign-in with Temporary Access Pass - \u6781\u7b80IT\uff5cSimpleIT","og_description":"Overview This post will share how to implement Web Sign-in Feature, and this feature will allow the user sign-in Windows with the TAP (Temporary Access Pass). As the reminder, the Web Sign-in feature used to be the feature that can support 3rd party federation sign-in and MFA. For example, AAD Joined machine only supports 3rd […]","og_url":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/","og_site_name":"\u6781\u7b80IT\uff5cSimpleIT","article_published_time":"2022-12-26T00:05:00+00:00","article_modified_time":"2025-03-18T09:43:30+00:00","og_image":[{"width":751,"height":173,"url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png","type":"image\/png"}],"author":"Ruian Ding","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Ruian Ding","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#article","isPartOf":{"@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/"},"author":{"name":"Ruian Ding","@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"headline":"Enable Web Sign-in with Temporary Access Pass","datePublished":"2022-12-26T00:05:00+00:00","dateModified":"2025-03-18T09:43:30+00:00","mainEntityOfPage":{"@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/"},"wordCount":889,"publisher":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"image":{"@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png","keywords":["DRS","NGC","WHFB"],"articleSection":["Tutorial"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/","url":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/","name":"Enable Web Sign-in with Temporary Access Pass - \u6781\u7b80IT\uff5cSimpleIT","isPartOf":{"@id":"https:\/\/www.ruianding.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage"},"image":{"@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage"},"thumbnailUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png","datePublished":"2022-12-26T00:05:00+00:00","dateModified":"2025-03-18T09:43:30+00:00","breadcrumb":{"@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#primaryimage","url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png","contentUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2022\/12\/image.png","width":751,"height":173},{"@type":"BreadcrumbList","@id":"https:\/\/www.ruianding.com\/blog\/enable-web-sign-in-with-temporary-access-pass\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.ruianding.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Enable Web Sign-in with Temporary Access Pass"}]},{"@type":"WebSite","@id":"https:\/\/www.ruianding.com\/blog\/#website","url":"https:\/\/www.ruianding.com\/blog\/","name":"Ruian's Tech Troubleshooting Toolbox","description":"Debug the World.","publisher":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b"},"alternateName":"\u4e01\u777f\u5b89\u7684\u6280\u672f\u5206\u4eab\u535a\u5ba2","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.ruianding.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/440d88575b7dc819a4cefc8c4199db3b","name":"Ruian Ding","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png","contentUrl":"https:\/\/www.ruianding.com\/blog\/wp-content\/uploads\/2023\/05\/logo.png","width":284,"height":284,"caption":"Ruian Ding"},"logo":{"@id":"https:\/\/www.ruianding.com\/blog\/#\/schema\/person\/image\/"},"description":"I am currently a Support Specialist at NIO, focusing on cloud-related issues for NIO Power. Previously, at Microsoft Entra ID, I specialized in identity and access management (IAM), including device registration, Windows Hello for Business (WHfB), multi-factor authentication (MFA), and single sign-on (SSO). In addition to my core expertise, I have a strong foundation in Active Directory, Servers, Cloud Computing, Network Administration, and Front-end Web Development. This diverse technical skill set enables me to effectively handle a wide range of challenges in a fast-paced IT environment.","sameAs":["https:\/\/www.ruianding.com"],"url":"https:\/\/www.ruianding.com\/blog\/author\/ruiand\/"}]}},"_links":{"self":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/75","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/comments?post=75"}],"version-history":[{"count":5,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/75\/revisions"}],"predecessor-version":[{"id":2672,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/posts\/75\/revisions\/2672"}],"wp:attachment":[{"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/media?parent=75"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/categories?post=75"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ruianding.com\/blog\/wp-json\/wp\/v2\/tags?post=75"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}