You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/identity-protection/howto-identity-protection-simulate-risk.md
+5-5Lines changed: 5 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -84,23 +84,23 @@ The sign-in shows up in the Identity Protection dashboard within 2-4 hours.
84
84
85
85
## Leaked Credentials for Workload Identities
86
86
87
-
This risk detection indicates that the appplication's valid credentials have been leaked. This leak can occur when someone checks in the credentials in public code artifact on GitHub. Therefore, to the simulation this detection, you need a GitHub account and can [sign up a GitHub account](https://docs.github.com/en/get-started/signing-up-for-github) if you don't have one already.
87
+
This risk detection indicates that the application's valid credentials have been leaked. This leak can occur when someone checks in the credentials in a public code artifact on GitHub. Therefore, to simulate this detection, you need a GitHub account and can [sign up a GitHub account](https://docs.github.com/en/get-started/signing-up-for-github) if you don't have one already.
88
88
89
89
**To simulate Leaked Credentials in GitHub for Workload Identities, perform the following steps**:
90
90
1. Navigate to the [Azure portal](https://portal.azure.com).
91
91
2. Browse to **Azure Active Directory** > **App registrations**.
92
-
3. Select **New registration** to register a new application or resue an exsiting stale application.
93
-
4. Select **Certificates & Secrets** > **New client Secret** , add a description of your client secret and set an expiration for the secret or specify a custom lifetime and click **Add**. Record the secret's value for later use for GitHub Commit, note**You can not retrieve the secret again after you leave this page**.
92
+
3. Select **New registration** to register a new application or reuse an exsiting stale application.
93
+
4. Select **Certificates & Secrets** > **New client Secret** , add a description of your client secret and set an expiration for the secret or specify a custom lifetime and click **Add**. Record the secret's value for later use for your GitHub Commit. Note:**You can not retrieve the secret again after you leave this page**.
94
94
5. Get the TenantID and Application(Client)ID in the **Overview** page.
95
-
6.You may need disable the application via **Azure Active Directory** > **Enterprise Application** > **Properties** > Set **Enabled for users to sign-in** to No
95
+
6.Ensure you disable the application via **Azure Active Directory** > **Enterprise Application** > **Properties** > Set **Enabled for users to sign-in** to **No**
96
96
7. Create a **public** GitHub Repository, add the following config and commit the change.
7. In about 24 hours, you are able to view a leaked credentail detection under **Azure Active Directory** > **Security** > **Risk Detection** > **Workload identity detections** where the additional info contains your the URL of your GitHub commit.
103
+
7. In about 8 hours, you will be able to view a leaked credentail detection under **Azure Active Directory** > **Security** > **Risk Detection** > **Workload identity detections** where the additional info will contain your the URL of your GitHub commit.
0 commit comments