I like MTB and spend time in the sauna, but this is GitHub ;)
Prediction is very difficult, especially about the future.
Niels Bohr
- TypeScript - https://github.com/openwallet-foundation/credo-ts
- .Net Wallet - https://github.com/openwallet-foundation-labs/wallet-framework-dotnet
- React native wallet - https://github.com/openwallet-foundation/bifold-wallet
- https://play.google.com/store/apps/details?id=id.paradym.wallet
- MS Authenticator App
| Name | Details & Supported format | Link | 
|---|---|---|
| Paradym | Dedicated Wallet (format:sd+vc-json)* | https://paradym.id/ | 
| Entra Verified Id | Authenticatior App + Wallet SDK from MS | https://www.microsoft.com/en-us/security/business/identity-access/microsoft-entra-verified-id | 
| Demo: vcplayground | jwt-vc-json | https://vcplayground.org/ | 
| Demo: https://funke.animo.id/ | EUDI | https://funke.animo.id/ | 
| WalletSDK | works with vcplayground (format:jwt-vc-json)* | https://github.com/trustbloc/wallet-sdk | 
| credo-ts | Full VC Backend (format:sd+vc-json) with REST extension https://credo.js.org/guides/extensions/rest and hosted with docker compose πͺ | https://github.com/openwallet-foundation/credo-ts https://credo.js.org/ | 
| walt.id | Backend with wallet | https://docs.walt.id/community-stack/home | 
*not confirmed via official pages and documentation
- VC for Europeans
- eIDAS test site
- Decentralized Identifiers (DIDs) as an Identifier Metasystem
- Awesome Self-Sovereign Identity
- https://github.com/decentralized-identity/didcomm-messaging
- https://demo.didcomm.org/ πΌ
- CH https://github.com/e-id-admin/eidch-android-wallet
- EU https://github.com/orgs/eu-digital-identity-wallet/repositories
- KeyCloack https://keycloak-day.dev/assets/files/Norimatsu_KeycloakDevDay2025_Darmstadt.pdf
- https://www.verifiedorchestration.com/
- https://android-developers.googleblog.com/2025/04/announcing-android-support-of-digital-credentials.html
- https://developer.android.com/identity/digital-credentials/credential-verifier
- https://developer.android.com/identity/digital-credentials/phone-number-verification
- https://github.com/Azure/Enterprise-Scale
- https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ with nice visio drawing
- π¨ (Almost) Every infrastructure decision I endorse or regret after 4 years running infrastructure at a startup
- https://github.com/Azure/ALZ-Bicep/wiki/Accelerator
- GitHub - ACA-Landing-Zone-Accelerator
- Prepare your Azure Cloud Environment with the Cloud Adoption Framework
- Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 1
- Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 2
- Architecture Styles Worksheet: https://www.developertoarchitect.com/downloads/architecture-styles-worksheet.pdf
- https://jacquiread.com/posts/software-design/
- Functional Programming on .net - The Best of Both Worlds - Isaac Abraham - NDC Oslo 2024: https://www.youtube.com/watch?v=V9GYPOsPj4M
- Let's build the worst Event Sourcing system! - Oskar Dudycz - NDC London 2024: https://www.youtube.com/watch?v=20zvAJAhqS0
- by example Github and Video
- Distributed system real life example https://www.enterpriseintegrationpatterns.com/ramblings/18_starbucks.html
- πThe Software Architect Elevator
- πDesigning Data-Intensive Applications
- π¨ PL Async Internals in .NET
- Advanced API and Integration Problems & Patterns - Udi Dahan - NDC Oslo 2022
- πDatabase Internals
- π₯Learn Advanced Distributed Systems Design
- https://www.stigg.io/
- https://supademo.com
- https://backstage.io (https://github.com/shano/awesome-backstage)
- n8n instead of https://airflow.apache.org/ & https://www.astronomer.io/
- https://block.github.io/goose/
- π https://bolt.new (React UI by AI)
- ππ https://www.anthropic.com/claude-code & https://github.com/ryoppippi/ccusage
- π testing: https://aider.chat/
- https://app.co.dev/
- https://v0.dev/
- π€ testing: https://docs.anthropic.com/en/docs/agents-and-tools/claude-code/overview
- π€ testing: GitHub Copilot Chat Agent Mode via VS Code Insiders (link)
- IDE for AI development https://github.com/cline/cline
- https://techcommunity.microsoft.com/blog/azure-ai-services-blog/graphrag-end-to-end-poc/4361080
- https://learn.microsoft.com/azure/cosmos-db/gen-ai/quickstart-rag-chatbot
- Microsoft Learn MCP Server https://github.com/MicrosoftDocs/mcp
- Lokka - MS Entra Graph API MCP: https://lokka.dev/docs/install
- Atlas MCP server that provides access to Microsoft Graph API using Entra ID authentication with On-Behalf-Of (OBO) flow: https://github.com/JasSuri/atlas
- https://github.com/rinadelph/Agent-MCP
- OCTA: OAuth 2.0 and OpenID Connect (in plain English)
- https://www.nango.dev/blog/why-is-oauth-still-hard
- https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
- https://auth0.com/docs/authorization
- awesome-iam
- OAuth β the good Parts - Dominick Baier - NDC Oslo 2021 https://www.youtube.com/watch?v=y2Psj8ACZyw
- Test FIDO2/Passkeys https://www.token2.swiss/tools/fido2-demo
- π Demystifying cookies and tokens
- π AWS Cognito Sample https://medium.com/@samudurand/protecting-lambda-urls-with-cognito-iam-lambda-edge-and-cdk-4ac79f9e779c
- π FGA solution https://docs.permit.io/modeling/mesa-verde/ & DEMO https://github.com/permitio/mesa-verde-banking-demo
- Cedar video & into token Cedar policy with an access token
- https://www.linkedin.com/pulse/implementing-mcp-dynamic-client-registration-spiffe-keycloak-posta-ccryf
- Annotated Version of NIST Special Publication (SP) 800-63-4,Digital Identity Guidelines: https://www.tcannex.com/p/annotated-nist-sp-800-63-4
- CIAM MS Overview: https://www.microsoft.com/en-us/security/business/security-101/what-is-ciam
- DPoP https://auth0.com/docs/secure/sender-constraining/demonstrating-proof-of-possession-dpop & https://auth0.com/blog/protect-your-access-tokens-with-dpop/
- Entra Primary Refresh Token https://learn.microsoft.com/en-us/entra/identity/devices/concept-primary-refresh-token?tabs=windows-prt-issued%2Cwindows-prt-used%2Cwindows-prt-renewal%2Cwindows-prt-protection%2Cwindows-apptokens%2Cwindows-browsercookies%2Cwindows-mfa
- https://github.com/discord/access
- https://github.com/jhaals/yopass
- https://github.com/JanssenProject/jans
- https://github.com/jelhub/scimgateway
- Journey to Azure AD PRT- Primary Refresh Token
- Newsletter: https://entra.news
- https://github.com/merill/awesome-entra
- big picture diagram https://github.com/msandbu/azuread
- Entra ID as a code: https://www.terraprovider.com/
- https://identity-man.eu/2020/11/23/an-introduction-to-azure-ad-identity-governance/
- Workload Identity Protection
- Governance
- Managed ID
- App Registrations, Enterprise Apps and Service Principals
- PIM
- π https://learn.microsoft.com/en-us/entra/architecture/external-identity-deployment-architectures
- π https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-kerberos-sso
- https://heusser.pro/p/understanding-entra-id-app-registrations-enterprise-applications-and-service-principals-part-2-os8rb48knqez/
- https://www.christianfrohn.dk/2025/01/15/monitoring-access-package-delivery-status-in-entra-id-governance/
- https://janbakker.tech/dynamic-approval-in-entra-id-access-packages-using-custom-extensions/
- review permissions https://m365scripts.com/microsoft365/manage-entra-id-delegated-permissions-for-specific-users-using-microsoft-graph/
- https://device-insight.com/en/developers-blog/use-azure-ad-workload-identity-for-pod-assigned-managed-identity-in-aks/
- https://johnlokerse.dev/2024/05/05/setup-azure-devops-workload-identity-federation-using-azure-bicep/
- 
https://learn.microsoft.com/en-us/security/operations/incident-response-playbooks 
- 
https://learn.microsoft.com/en-us/entra/architecture/security-operations-introduction 
- ASP.NET Web App - Confidential Client: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2
- https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2
- JavaScript Public Client: https://github.com/Azure-Samples/ms-identity-docs-code-javascript
- For External ID sample: https://github.com/Azure-Samples/ms-identity-ciam-javascript-tutorial
- Graph Explorer (with tenant-id param): https://developer.microsoft.com/en-us/graph/graph-explorer?tenant={{tenant-id-here}}
- https://gist.github.com/rbrayb/847be01d7f2c532d66cf07ad84d6466d
- OpenID Connect details: https://learn.microsoft.com/en-us/azure/active-directory-b2c/openid-connect
- https://learn.microsoft.com/en-us/entra/external-id/external-identities-overview#comparing-external-id-feature-sets
- https://learn.microsoft.com/en-us/entra/external-id/customers/concept-supported-features-customers
- Refresh Token: AzureAD/microsoft-authentication-library-for-js#5137
- Deep Dive into Entra: Exclusive Outage Stories & Architectural Innovations: https://www.youtube.com/watch?v=PtEQYnRu6eo
- Actor tokens security issue: https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/
- ACS: https://learn.microsoft.com/en-us/previous-versions/azure/active-directory/azuread-dev/active-directory-acs-migration
- Kleopatra - manage Yubikey certificates, etc https://apps.kde.org/kleopatra/
- faking data and getting notification someone is accessing (credit card, AWS credentials) https://canarytokens.org/generate
- generate tokens: https://token.dev/
- review & analyze tokens: https://jwt.ms & https://jwt.io
- https://github.com/codesenberg/bombardier
- https://oidcdebugger.com/debug
- https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio
- Summary about MS samples & platforms https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code
- MS Samples
- MSAL - Retry policies
- MSAL Logger
- OAuth - Native Flow Authorization Code Flow Diagram
- Openid Connect Diagram - get token via confidential client
- Postman Oauth Entra ID Collection
- Default Azure Credentials
- Authentication with multiple identity providers
- Microsoft Woodgrove Groceries -> Azure AD B2C MS Demo
- Microsoft Woodgrove Groceries -> Entra External ID for Customers MS Demo
- https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition and connected repo: https://github.com/andrewmatveychuk/azure.policy
- and from the previous link: https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition
- https://medium.com/@omaxel/allow-access-to-azure-app-service-only-from-azure-front-door-bdfa16bc675d
- https://cloudtips.nl/securing-azure-web-apps-and-function-apps-with-azure-front-door-e4a5e4071290
- https://www.youtube.com/watch?v=IyQM_wG_X_Q & https://github.com/Azure/terraform-azurerm-caf-enterprise-scale
- https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/
- https://github.com/Azure/ALZ-Bicep/wiki/Accelerator
- https://github.com/Azure/terraform-azurerm-lz-vending
- https://medium.com/into-alm/configuration-as-code-moving-away-from-library-groups-in-azure-devops-e9ff683d150d
- https://azure.github.io/Azure-Verified-Modules/
- https://github.com/Azure/bicep-registry-modules
- https://github.com/arindam0310018/10-Oct-2023-DevOps__Workload-Identity-Federation-with-Service-Principal-Using-Terraform
- https://backstage.io & https://github.com/backstage/backstage
- https://www.websequencediagrams.com/
- π https://plantuml.com/ & https://github.com/plantuml-stdlib/C4-PlantUML
- 
https://blog.icewolf.ch/archive/2023/05/28/http-security-headers/ 
- 
π¨ π Secure your website with the right security headers Mozilla and SecurityHeaders 
- 
speed test with details: https://speed.cloudflare.com/ 
- https://spacelift.io/ (Terraform&OpenTofu)
- https://registry.terraform.io/modules/Azure-Terraformer/atat/github/latest
- https://damienbod.com/
- https://identity-man.eu/
- https://www.troyhunt.com/
- https://scotthelme.co.uk/
- https://event-driven.io/ and the tag Architecture: https://event-driven.io/en/category/architecture/
- https://blog.codingmilitia.com/
- https://architectelevator.com/
- https://ericonidentity.com/
- SMS online service to test OTP: https://anonymsms.com/
- Temporary Email Service (you can define your email address): https://www.minuteinbox.com/
- Postman Collection
- A verification tool to replace CAPTCHAS: https://www.cloudflare.com/products/turnstile/
- VS Code + B2C extension + APP insights debugger
- temp mail(trashmail) as a service https://github.com/HaschekSolutions/opentrashmail
- Mock Service (when you need to check the request payload ;) ) https://beeceptor.com/
- Security Headers check https://securityheaders.com/
- https://backstage.io/
- Find free replacement: https://openalternative.co
- www.cloudflare.com Tunnel
- ngrok.com - need to pay 10$ for features
- Visual Studio IDE built-in proxy
- HomeAssistant: https://www.home-assistant.io/
- esphome https://esphome.io/ (ESP8266 | ESP32 | other => easy yaml config and push to HomeAssistant)
- portainer https://www.portainer.io/ (Conteiner Management for Docker)
- Home DNS server? Try PiHole https://pi-hole.net/
- OpenWrt as router OS https://openwrt.org/
- smart switches and other devices https://www.shelly.com/
- HAVC: Salus Controls & Panasonic AC (with https://github.com/sockless-coding/panasonic_cc integration)
- Wat
- Email vs Capitalism, or, Why We Can't Have Nice Things - Dylan Beattie - NDC Oslo 2023
- Foxes
- Mountain Biking
- Ε»ywot programisty - sorry only for polish programmers π·