How to visually highlight overdue work items on an Azure DevOps sprint board

A couple years back I wrote a tutorial on how to highlight blocked work items on an Azure DevOps sprint board (here). This post is a similar walkthrough but describes the process for overdue and due soon work items.

Providing a visual highlight for these items is a great way for the development team and product owners to quickly see which work is considered time sensitive and potentially overdue.

Note: These changes do not require any extensions, but they do require project collection administrator access rights to complete.

Continue reading

Deploying React web applications in Microsoft Azure with Azure Pipelines

This post is the second in a two part series on React JS. The first post covered design decisions to make before starting a project, and this post provides tips for building and deploying React web applications in Microsoft Azure with Azure Pipelines.

Continue reading

Design decisions to make before starting a new React JS project

This post is the first in a two part series on React JS. Since there are already tons of great docs and training material for React, the focus of these posts is to highlight some common design decisions and Azure ecosystem build/deploy problems that folks new to React typically run into.

This particular post focuses on the key decisions you should make before you start writing any code.

Edit: Part 2 now is available here.

Continue reading

OAuth 2.0 authorization code flow with a React SPA, ASP.NET Core Web API, RBAC roles, and MSAL

Earlier this year the Microsoft Identity Platform team shared new guidance that recommends using the OAuth 2.0 Authorization Code flow for browser based web applications. The reason for this is that new browser security changes are going to cause problems for the commonly used implicit grant flow pattern.

Although I found plenty of great code samples and quickstart material for using the authorization code flow with graph API, it took me a while to figure out how to use it against an ASP.NET Core Web API. The goal of this post is to provide an end-to-end setup guide with source code for the protected web API resource scenario that uses RBAC roles.

Continue reading