PowerShellGallery icon indicating copy to clipboard operation
PowerShellGallery copied to clipboard
verified publisher icon PowerShell

Verify Publisher of Azure AD Application (MSAL SSO)

Open Kazzan opened this issue 2 years ago • 2 comments

Summary of the new feature / enhancement

Hi, currently the Azure AD Application record for PowerShell Gallery "PowerShell Gallery [PROD]" is not published by verified publisher "Microsoft Corporation". The standard recommendation of Microsoft Defender for Clous Apps (MDCA), the OAuth Apps Review marks this application as possible fake impersonating Microsoft.

Proposed technical implementation details (optional)

This should be improved by signing this MSAL SSO integration for AAD (or even personal MSA accounts) to make this application more trustworthy.

Kazzan avatar Jan 03 '23 16:01 Kazzan

Thanks @Kazzan we will take a look into this

SydneyhSmith avatar Feb 13 '23 19:02 SydneyhSmith

Hi @SydneyhSmith, I just ran into this myself and it's a bit concerning to be honest. Thanks!

image

sassdawe avatar Oct 08 '23 07:10 sassdawe