GitHub Azure AD OIDC Authentication for Actions

Learn how to implement secure authentication between GitHub Actions and Azure Active Directory using OpenID Connect (OIDC) in this comprehensive video tutorial. Explore the evolution from traditional secret-based authentication to modern OIDC methods, understanding the benefits and implementation details. Discover how to leverage GitHub identity tokens, exchange them for Azure AD access tokens, and configure various subject types. Follow step-by-step instructions on setting up Azure AD app registration, using the azure/login action, and adding federated credentials. Gain insights into storing and utilizing required values in GitHub, and learn about app roles for enhanced security. Master the art of seamless and secure authentication between GitHub and Azure AD without the need for storing sensitive secrets.

- Introduction
- How authentication used to work
- Using OIDC
- GitHub identity token and exchange for AAD access token
- Types of subject
- AAD app registration
- Using azure/login
- Adding federated credential
- Storing required values and using in GitHub
- App roles
- Summary