When working with cloud services, you occasionally encounter two APIs that essentially do the same thing, but require different authentication or permissions. Such cases tend to pique my interest – not only because there might be a security issue lurking, but also because there’s often an interesting story behind these APIs. One case I recently ran into is Azure AD federation metadata. When you create an enterprise app in Azure AD and configure SAML-based single sign-on, the portal shows ...
