The risk of easily testing SharePoint Framework web parts in your tenant

The risk of easily testing SharePoint Framework web parts in your tenant

SharePoint Framework allows you to easily test the web parts you're building in your production tenant without having to deploy them first. But are you okay with the risk it exposes your data to?
Consider this before granting API permissions in your Office 365 tenant

Consider this before granting API permissions in your Office 365 tenant

Recently, Microsoft released a preview of the ability to grant access to APIs secured with Azure AD in Office 365 tenants. Allowing developers to access these APIs is not without risks, here is why.
Inconvenient no-script sites and SharePoint Framework

Inconvenient no-script sites and SharePoint Framework

By disabling custom script on their sites, organizations using Office 365 can increase the security of their data and improve the governance of their portal. But how reliable is it actually?
What external scripts is your SharePoint Framework solution using?

What external scripts is your SharePoint Framework solution using?

When installing SharePoint Framework solutions, SharePoint shows you the URLs of external scripts used by the solution. But it doesn't show all of them, so be careful what solutions you allow to run unrestricted in your tenant.
Get Azure AD app-only access token using certificate on .NET Core

Get Azure AD app-only access token using certificate on .NET Core

Communicating with SharePoint Online using an app-only access token is invaluable when building non-interactive applications. Here is how you can get an Azure AD app-only access token in .NET Core. SharePoint Online authentication protocols When building solutions for SharePoint, before you are allowed to communicate with SharePoint your application must