Azure Active Directory, now rebranded as Microsoft Entra ID, serves as the identity backbone for millions of organizations worldwide. It manages authentication, authorization, and access control for Microsoft 365, Azure resources, and thousands of third-party SaaS applications. As enterprises have migrated to cloud-first architectures, Azure AD has become the single most critical component in their security posture. A misconfiguration here does not just expose one application -- it can compromise the entire organization. In my penetration testing engagements targeting Azure environments, identity misconfigurations consistently yield the highest-impact findings.
Azure AD in Modern Enterprise Identity
Azure AD operates as far more than a simple directory service. It functions as the central identity provider for hybrid environments, bridging on-premises Active Directory with cloud services through Azure AD Connect. It handles Conditional Access policy enforcement, application consent frameworks, B2B and B2C identity federation, and device management through Intune integration. This breadth of functionality means the attack surface is enormous. Every feature that provides convenience to administrators also presents a potential misconfiguration that attackers can exploit. Understanding these interconnections is essential for effective security testing.
Common Misconfigurations in Detail
- Consent phishing (illicit consent grants) - This is one of the most effective Azure AD attacks. An attacker registers a malicious application in their own tenant and crafts a phishing link that directs the victim to the Microsoft consent screen. If the user grants consent, the attacker's application receives delegated permissions to access the user's mail, files, or profile data. The dangerous aspect is that this does not require stealing credentials -- the user authenticates legitimately with Microsoft, and the permissions persist until explicitly revoked. In organizations that allow users to consent to applications without admin approval, a single click can grant an attacker full access to a user's mailbox and OneDrive.
- Overly permissive guest access (B2B settings) - Azure AD B2B collaboration allows external users to be invited as guests. The default guest user permissions in many tenants are far too broad, allowing guests to enumerate all users, groups, and applications in the directory. Guest access settings should restrict external users to seeing only their own profile and the resources explicitly shared with them.
- Dangerous app registrations - Application registrations in Azure AD create service principals that can hold powerful permissions. Common issues include applications with application-level permissions to Microsoft Graph such as Mail.ReadWrite or Directory.ReadWrite.All, service principals with client secrets that have no expiration date, and applications granted admin consent for broad scopes that far exceed their operational requirements.
- Conditional Access gaps - Conditional Access is the primary policy enforcement mechanism in Azure AD, yet critical gaps are frequently found. Common issues include policies that require MFA for the Azure portal but not for Azure CLI or PowerShell access, break-glass accounts excluded from all policies without proper monitoring, policies that target specific applications rather than all cloud apps (leaving the remaining apps uncovered), and missing device compliance requirements that allow access from unmanaged devices.
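The Conditional Access gaps listed above can be checked mechanically against an export of the tenant's policies. The following is an added example (not code from the original post) that evaluates policy objects in the shape the Microsoft Graph conditionalAccess/policies endpoint returns (displayName, state, conditions, grantControls); the three sample policies, the placeholder application ids and the account names are constructed for the demonstration.

```python
"""Check a set of Conditional Access policies for the gaps described in the post.

Added example, not part of the original post. Policy objects follow the
Microsoft Graph conditionalAccess/policies shape; the sample policies and
ids below are constructed.
"""
from collections import defaultdict

ALL = "All"  # the wildcard Entra uses for "all users" and "all cloud apps"
LEGACY_CLIENTS = {"exchangeActiveSync", "other"}  # clientAppTypes that cannot do MFA

# Constructed sample tenant: an MFA policy scoped only to the portal, a
# report-only legacy-auth block, and a device-compliance policy for one app.
SAMPLE_POLICIES = [
    {
        "displayName": "Require MFA for Azure portal",
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": [ALL], "excludeUsers": ["breakglass-01"]},
            "applications": {"includeApplications": ["app-azure-portal"]},  # placeholder id
            "clientAppTypes": ["browser", "mobileAppsAndDesktopClients"],
        },
        "grantControls": {"operator": "OR", "builtInControls": ["mfa"]},
    },
    {
        "displayName": "Block legacy authentication",
        "state": "enabledForReportingButNotEnforced",
        "conditions": {
            "users": {"includeUsers": [ALL], "excludeUsers": []},
            "applications": {"includeApplications": [ALL]},
            "clientAppTypes": ["exchangeActiveSync", "other"],
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    },
    {
        "displayName": "Compliant device for SharePoint",
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": [ALL], "excludeUsers": ["breakglass-01", "svc-legacy"]},
            "applications": {"includeApplications": ["app-sharepoint"]},  # placeholder id
            "clientAppTypes": ["browser", "mobileAppsAndDesktopClients"],
        },
        "grantControls": {"operator": "OR", "builtInControls": ["compliantDevice"]},
    },
]


def _enabled(policy):
    return policy.get("state") == "enabled"


def _covers_all_users(policy):
    return ALL in policy["conditions"]["users"].get("includeUsers", [])


def _covers_all_apps(policy):
    return ALL in policy["conditions"]["applications"].get("includeApplications", [])


def _controls(policy):
    return set((policy.get("grantControls") or {}).get("builtInControls", []))


def assess_conditional_access(policies):
    """Return a list of (severity, message) findings for the policy set."""
    findings = []

    # 1. MFA must apply to every user on every cloud app (CLI and PowerShell
    #    included), not only to the portal: look for an enforced tenant-wide MFA grant.
    if not any(_enabled(p) and _covers_all_users(p) and _covers_all_apps(p)
               and "mfa" in _controls(p) for p in policies):
        findings.append(("high", "No enabled policy requires MFA for all users on all cloud apps"))

    # 2. Legacy protocols cannot satisfy MFA, so they need an enforced block.
    if not any(_enabled(p) and _covers_all_users(p) and _covers_all_apps(p)
               and LEGACY_CLIENTS <= set(p["conditions"].get("clientAppTypes", []))
               and "block" in _controls(p) for p in policies):
        findings.append(("high", "Legacy authentication is not blocked by an enforced policy"))

    # 3. Report-only policies look like coverage in the portal but enforce nothing.
    for p in policies:
        if p.get("state") == "enabledForReportingButNotEnforced":
            findings.append(("medium", f"Policy '{p['displayName']}' is report-only"))

    # 4. Device compliance should be required tenant-wide, not per application.
    if not any(_enabled(p) and _covers_all_users(p) and _covers_all_apps(p)
               and _controls(p) & {"compliantDevice", "domainJoinedDevice"} for p in policies):
        findings.append(("medium", "No tenant-wide device compliance requirement"))

    # 5. Every exclusion is a bypass: list them so the break-glass accounts can be
    #    confirmed as the only ones and put under monitoring.
    excluded = defaultdict(set)
    for p in policies:
        for user in p["conditions"]["users"].get("excludeUsers", []):
            excluded[user].add(p["displayName"])
    for user, names in sorted(excluded.items()):
        findings.append(("info", f"User '{user}' is excluded from: {', '.join(sorted(names))}"))

    return findings


if __name__ == "__main__":
    for severity, message in assess_conditional_access(SAMPLE_POLICIES):
        print(f"[{severity:6}] {message}")
```

Run against the sample it reports both high findings (portal-only MFA, unenforced legacy block), the report-only policy, the missing tenant-wide compliance requirement, and the two excluded accounts for review; pointing it at a real export means replacing SAMPLE_POLICIES with the JSON returned by the Graph endpoint.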
Enumeration Techniques
Effective Azure AD assessment begins with thorough enumeration. Even without credentials, significant information can be gathered about a target tenant.
- Tenant discovery - Public endpoints reveal tenant existence and configuration. Querying https://login.microsoftonline.com/[domain]/.well-known/openid-configuration returns the tenant ID and authorization endpoints. The autodiscover endpoint, GetCredentialType API, and user realm discovery API can reveal whether a domain uses cloud-only or federated authentication, which informs the attack strategy.
- User enumeration - Several Azure AD endpoints allow username enumeration without authentication. The GetCredentialType API responds differently for valid and invalid usernames. Password spray attacks can test common passwords against enumerated users while staying below lockout thresholds, typically one attempt per user every 30-60 minutes.
- AADInternals - This PowerShell module by Dr. Nestori Syynimaa is one of the most comprehensive Azure AD security tools. It can enumerate tenant information, perform user enumeration, export and import Azure AD configurations, manipulate device registrations, and abuse various Azure AD features.
- ROADTools - Developed by Dirk-jan Mollema, ROADTools collects and analyzes Azure AD data through the Microsoft Graph API and internal Azure AD APIs. It creates a local SQLite database of the tenant's users, groups, applications, service principals, roles, and policies, enabling offline analysis. The ROADrecon component provides a web interface for exploring the collected data.
- AzureHound - The Azure component of the BloodHound project. It collects Azure AD and Azure Resource Manager data and maps attack paths from current access to high-value targets like Global Admin. Its graph-based analysis can reveal non-obvious privilege escalation paths that traverse multiple Azure AD objects and roles.
Privilege Escalation Paths
Azure AD privilege escalation often follows paths that chain multiple misconfigurations. Understanding these paths is critical for both attack and defense.
- Application Admin to Global Admin - The Application Administrator role can manage all aspects of application registrations and service principals. An Application Admin can add new credentials to any application, including those with high-privilege Microsoft Graph permissions or those assigned to privileged directory roles. By adding a secret to a service principal that has the Global Administrator role assigned, the Application Admin effectively becomes a Global Admin.
- Azure resource roles crossing to Azure AD - The User Access Administrator role at the root management group scope in Azure can grant itself any Azure AD role. Similarly, an Owner of a subscription containing an Azure Automation account with a Managed Identity that has Azure AD permissions can leverage that Automation account to perform actions in Azure AD. These cross-boundary escalation paths are frequently overlooked.
- Managed Identity abuse - Azure Managed Identities provide an identity for Azure resources to authenticate to services supporting Azure AD authentication. If an attacker compromises an Azure resource that has a Managed Identity assigned with high-privilege Azure AD permissions, they can request tokens from the instance metadata service and use them to perform actions in Azure AD.
- Service principal credential extraction - Service principals with client secrets stored in code repositories, Key Vault with overly permissive access policies, or environment variables on compromised Azure resources provide direct access to whatever permissions the service principal holds.
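The dangerous app registrations described earlier and the Application Admin to Global Admin path above are two views of the same data: which service principals hold tenant-controlling permissions or roles, and who is allowed to add credentials to them. The following is an added example (not code from the original post or from any of the tools it mentions) that audits a constructed tenant snapshot in roughly the shape Microsoft Graph returns for servicePrincipals, their passwordCredentials and directory role members, and then does a breadth-first search for the shortest chain from each user to Global Administrator, in the spirit of AzureHound's graph analysis. The permission and role names are real Microsoft Graph application permissions and Entra roles; the principals, owners and credential expiry dates are invented, and the two-year credential lifetime threshold is an assumed policy.

```python
"""Audit service principals and map the Application Admin -> Global Admin path.

Added example, not code from the original post. Permission and role names
are real; the principals and dates are a constructed snapshot.
"""
from collections import deque
from datetime import date, timedelta

# Application-level Graph permissions the post singles out as dangerous.
HIGH_PRIV_APP_PERMISSIONS = {
    "Directory.ReadWrite.All", "Mail.ReadWrite", "RoleManagement.ReadWrite.Directory",
    "AppRoleAssignment.ReadWrite.All", "Application.ReadWrite.All",
}
# From these a principal reaches full tenant control directly: the roles can
# assign any role, RoleManagement.ReadWrite.Directory can assign Global
# Administrator, AppRoleAssignment.ReadWrite.All can grant itself that permission.
TIER0_ROLES = {"Global Administrator", "Privileged Role Administrator"}
TIER0_APP_PERMISSIONS = {"RoleManagement.ReadWrite.Directory", "AppRoleAssignment.ReadWrite.All"}
# Roles that may add credentials to any service principal in the tenant.
CREDENTIAL_MANAGER_ROLES = {"Application Administrator", "Cloud Application Administrator"}
MAX_CREDENTIAL_LIFETIME = timedelta(days=2 * 365)  # assumed policy threshold
GLOBAL_ADMIN = "Global Administrator"
TODAY = date(2025, 6, 1)  # fixed so the output is reproducible

# Constructed snapshot. credentialExpiry holds each secret's end date; None
# stands in for a secret imported without one.
SERVICE_PRINCIPALS = {
    "sp-hr-sync": {"appPermissions": ["User.Read.All"], "credentialExpiry": [date(2026, 1, 1)],
                   "directoryRoles": [], "owners": ["alice"]},
    "sp-mail-archiver": {"appPermissions": ["Mail.ReadWrite"], "credentialExpiry": [None],
                         "directoryRoles": [], "owners": []},
    "sp-provisioner": {"appPermissions": ["Directory.ReadWrite.All"],
                       "credentialExpiry": [date(2099, 12, 31)],
                       "directoryRoles": [GLOBAL_ADMIN], "owners": ["bob"]},
}
USERS = {  # user -> directory roles held
    "alice": ["Application Administrator"],
    "bob": [],
    "carol": [GLOBAL_ADMIN],
    "dave": ["User Administrator"],
}


def audit_service_principals(sps, today=TODAY):
    """Return (principal, message) pairs for the misconfigurations the post lists."""
    findings = []
    for name, sp in sps.items():
        for perm in sorted(set(sp["appPermissions"]) & HIGH_PRIV_APP_PERMISSIONS):
            findings.append((name, f"holds application permission {perm}"))
        for expiry in sp["credentialExpiry"]:
            if expiry is None or expiry - today > MAX_CREDENTIAL_LIFETIME:
                findings.append((name, "has a credential with no (or a far-off) expiry"))
            elif expiry < today:
                findings.append((name, "has an expired credential that should be removed"))
        for role in sorted(set(sp["directoryRoles"]) & TIER0_ROLES):
            findings.append((name, f"is assigned the {role} directory role"))
    return findings


def build_edges(users, sps):
    """Who can act as whom: edges are (source, target, reason)."""
    edges = []
    for user, roles in users.items():
        for role in roles:
            if role in TIER0_ROLES:
                edges.append((user, GLOBAL_ADMIN, f"holds {role}"))
            if role in CREDENTIAL_MANAGER_ROLES:
                # The post's path: add a secret to any service principal, then sign in as it.
                for sp in sps:
                    edges.append((user, sp, f"can add credentials as {role}"))
    for name, sp in sps.items():
        for owner in sp["owners"]:
            edges.append((owner, name, "owns the app, can add credentials"))
        if set(sp["directoryRoles"]) & TIER0_ROLES or set(sp["appPermissions"]) & TIER0_APP_PERMISSIONS:
            edges.append((name, GLOBAL_ADMIN, "principal itself controls the directory"))
    return edges


def path_to_global_admin(start, edges):
    """Shortest chain of (node, reason) hops from start to Global Admin, or None."""
    adjacent = {}
    for src, dst, why in edges:
        adjacent.setdefault(src, []).append((dst, why))
    queue, seen = deque([(start, [])]), {start}
    while queue:
        node, path = queue.popleft()
        if node == GLOBAL_ADMIN:
            return path
        for nxt, why in adjacent.get(node, []):
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [(nxt, why)]))
    return None


if __name__ == "__main__":
    for principal, msg in audit_service_principals(SERVICE_PRINCIPALS):
        print(f"FINDING {principal}: {msg}")
    edges = build_edges(USERS, SERVICE_PRINCIPALS)
    for user in USERS:
        path = path_to_global_admin(user, edges)
        print(user, "->", " -> ".join(f"{n} ({why})" for n, why in path) if path else "no path")
```

On the sample, alice (Application Administrator) and bob (owner of sp-provisioner, who holds no directory role at all) both reach Global Administrator in two hops through the service principal, which is exactly the blast radius an app-registration review should surface; sp-mail-archiver's Mail.ReadWrite and non-expiring secret are reported by the audit but do not create a path, because mailbox access is not directory control.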
Token-Based Attacks
Azure AD token-based authentication creates specific attack vectors when tokens are compromised.
- Primary Refresh Token (PRT) abuse - The PRT is issued to Azure AD joined or registered devices and provides SSO across all Azure AD applications on that device. If an attacker extracts the PRT from a compromised device using tools like ROADToken or mimikatz, they can use it to authenticate as the user from any device, bypassing device-based Conditional Access policies.
- Access token theft - Azure AD access tokens are typically valid for 60-90 minutes. Tokens stolen from browser sessions, application logs, or memory dumps can be used directly against APIs without needing the user's credentials. Continuous Access Evaluation (CAE) has improved this situation by enabling near-real-time token revocation for some scenarios, but not all applications support CAE.
- Refresh token replay - Refresh tokens have longer lifetimes and can be used to obtain new access tokens. If a refresh token is stolen, the attacker can maintain persistent access until the token is revoked. Token protection (proof-of-possession) binds tokens to the requesting device, mitigating replay attacks, but requires modern clients and is not yet universally deployed.
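When an access token turns up somewhere it should not be (an application log, a support ticket, a memory dump), the first questions are how long it stays usable and whether the client that obtained it participates in CAE. The following is an added example (not code from the original post) that decodes a JWT without verifying its signature, which is fine for inspecting a token you already hold but never for accepting one. The claim names (iat, exp, xms_cc with the CP1 capability) are the ones Microsoft documents for Entra access tokens; the sample token is constructed here with a placeholder tenant id and a dummy signature.

```python
"""Report lifetime and CAE capability of an Entra ID access token.

Added example, not from the original post. Decodes claims without signature
verification (inspection only). The sample token is constructed.
"""
import base64
import json
from datetime import datetime, timedelta, timezone


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_jwt(token: str):
    """Split a JWT into (header, claims). The signature is NOT checked."""
    header_b64, payload_b64, _signature = token.split(".")
    return json.loads(_b64url_decode(header_b64)), json.loads(_b64url_decode(payload_b64))


def make_sample_token(issued_at: datetime, lifetime_minutes: int, cae_capable: bool) -> str:
    """Constructed token with a dummy signature, for the demonstration only."""
    header = {"typ": "JWT", "alg": "RS256", "kid": "constructed-key-id"}
    claims = {
        "aud": "https://graph.microsoft.com",
        "iss": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",  # placeholder tenant
        "iat": int(issued_at.timestamp()),
        "nbf": int(issued_at.timestamp()),
        "exp": int((issued_at + timedelta(minutes=lifetime_minutes)).timestamp()),
        "upn": "user@example.com",
    }
    if cae_capable:
        claims["xms_cc"] = ["CP1"]  # client declared it can handle claims challenges
    return ".".join([
        _b64url_encode(json.dumps(header).encode()),
        _b64url_encode(json.dumps(claims).encode()),
        _b64url_encode(b"not-a-real-signature"),
    ])


def inspect_token(token: str, now: datetime) -> dict:
    """How long the token lives, how much is left at `now`, and whether CAE applies."""
    _header, claims = decode_jwt(token)
    issued = datetime.fromtimestamp(claims["iat"], tz=timezone.utc)
    expires = datetime.fromtimestamp(claims["exp"], tz=timezone.utc)
    capabilities = [c.upper() for c in claims.get("xms_cc", [])]
    return {
        "lifetime_minutes": int((expires - issued).total_seconds() // 60),
        "remaining_minutes": max(0, int((expires - now).total_seconds() // 60)),
        "expired": now >= expires,
        # Without CP1 the client never receives a revocation signal, so a stolen
        # token stays usable until exp regardless of CAE support on the service.
        "cae_capable": "CP1" in capabilities,
    }


if __name__ == "__main__":
    issued = datetime(2025, 6, 1, 12, 0, tzinfo=timezone.utc)
    token = make_sample_token(issued, lifetime_minutes=75, cae_capable=True)
    print(inspect_token(token, now=issued + timedelta(minutes=20)))
```

A long-lived token without xms_cc is the worst case the post describes: nothing short of waiting for exp ends the exposure, which is the argument for short lifetimes and CAE-capable clients rather than relying on revocation.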
Real-World Attack Scenarios
Combining the techniques above, here are attack scenarios encountered during assessments:
- Password spray to mailbox access - Enumerate valid users through the GetCredentialType API. Password spray with common passwords against accounts lacking MFA. Use obtained credentials to access Outlook Web App, searching mailbox content for additional credentials, VPN configurations, or sensitive business data.
- Consent phishing chain - Craft a phishing email with a link to a malicious application consent page. Once the user consents, use the delegated permissions to read their emails, identify internal applications and service accounts, and discover credentials shared through email. Leverage those credentials for lateral movement.
- App registration to full compromise - From an Application Administrator account, enumerate service principals with high-privilege permissions. Add a new client secret to a service principal with Directory.ReadWrite.All permission. Authenticate as the service principal and modify directory objects, add users to privileged roles, or extract sensitive data.
Essential Tools
- AADInternals - Comprehensive PowerShell toolkit for Azure AD assessment, enumeration, exploitation, and persistence. Includes modules for tenant reconnaissance, user enumeration, token manipulation, device join abuse, and configuration export.
- ROADTools - Azure AD data collection and analysis framework. ROADrecon gathers tenant data, ROADlib provides a library for interaction, and the web UI enables exploration of the tenant structure and relationships.
- AzureHound - Data collector for BloodHound that maps Azure AD and Azure Resource Manager attack paths. Essential for identifying privilege escalation routes and understanding the blast radius of compromised accounts.
- TokenTactics - PowerShell module for Azure AD token manipulation. Supports token acquisition through various flows, token cache extraction, Primary Refresh Token operations, and Continuous Access Evaluation testing.
- MFASweep - Tool for identifying Azure AD accounts that do not have MFA enforced. It tests authentication against multiple Microsoft services to find services where MFA is not required, revealing Conditional Access gaps.
Hardening Recommendations
- Implement admin consent workflow - Disable user consent for applications entirely, or limit it to verified publishers with low-risk permissions. Require administrator approval for all application consent requests. This single change eliminates the consent phishing attack vector.
- Restrict app registrations - Limit who can register applications in Azure AD. Regularly audit existing app registrations for excessive permissions, expired or unnecessary credentials, and applications that are no longer in use.
- Deploy comprehensive Conditional Access policies - Require MFA for all users across all cloud applications, not just the Azure portal. Enforce device compliance for access to sensitive data. Implement sign-in risk and user risk policies through Azure AD Identity Protection. Block legacy authentication protocols that cannot support MFA. Configure session controls with appropriate token lifetimes.
- Enable PIM for privileged roles - Privileged Identity Management provides just-in-time role activation, requiring administrators to explicitly activate their privileged roles for a limited duration. Enable PIM for all privileged Azure AD roles and Azure resource roles. Require MFA and justification for role activation.
- Enable Security Defaults or baseline policies - For organizations without Azure AD Premium licenses, Security Defaults provide a baseline set of identity security mechanisms including MFA registration, MFA challenge for administrators, and blocking legacy authentication.
- Monitor and audit continuously - Enable Azure AD audit logs and sign-in logs with retention to a SIEM. Alert on high-risk events: new Global Admin assignments, application consent grants, Conditional Access policy modifications, and authentication from unusual locations or devices.
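The alerting rules in the last recommendation can be expressed directly over the directory audit log. The following is an added example (not code from the original post) that triages events in the shape of Microsoft Graph auditLogs/directoryAudits records (activityDisplayName, category, initiatedBy, targetResources with modifiedProperties). The activity names and role names are the real ones; the events themselves are constructed, and the ConsentAction.Permissions text imitates the log's "[[Scope: ...]]" format but is an approximation.

```python
"""Alert on the high-risk Entra ID audit events the post recommends watching.

Added example, not part of the original post. Events follow the Graph
directoryAudits shape; the records below are constructed.
"""
import json
import re

PRIVILEGED_ROLES = {
    "Global Administrator", "Privileged Role Administrator", "Application Administrator",
    "Cloud Application Administrator", "Conditional Access Administrator",
}
# Delegated scopes that turn a consent grant into mailbox or file access.
HIGH_RISK_SCOPES = {"Mail.Read", "Mail.ReadWrite", "Files.Read.All", "Files.ReadWrite.All", "offline_access"}
CA_POLICY_ACTIVITIES = {
    "Add conditional access policy", "Update conditional access policy", "Delete conditional access policy",
}


def _event(activity, category, actor, target, target_type, modified=None):
    """Helper that builds one constructed audit record; newValue is JSON-encoded as in real logs."""
    return {
        "activityDisplayName": activity,
        "category": category,
        "initiatedBy": {"user": {"userPrincipalName": actor}},
        "targetResources": [{
            "displayName": target, "type": target_type,
            "modifiedProperties": [{"displayName": k, "newValue": json.dumps(v)} for k, v in (modified or {}).items()],
        }],
    }


SAMPLE_EVENTS = [  # constructed
    _event("Add member to role", "RoleManagement", "alice@example.com", "bob@example.com", "User",
           {"Role.DisplayName": "Global Administrator"}),
    _event("Consent to application", "ApplicationManagement", "eve@example.com", "Free PDF Reader",
           "ServicePrincipal", {"ConsentAction.Permissions":
                                "[[Scope: Mail.Read offline_access User.Read, ConsentType: Principal]]"}),
    _event("Update conditional access policy", "Policy", "alice@example.com",
           "Require MFA for all users", "Policy"),
    _event("Add member to role", "RoleManagement", "alice@example.com", "dave@example.com", "User",
           {"Role.DisplayName": "Directory Readers"}),
    _event("Update user", "UserManagement", "helpdesk@example.com", "dave@example.com", "User"),
]


def _actor(event):
    initiated = event.get("initiatedBy") or {}
    user, app = initiated.get("user") or {}, initiated.get("app") or {}
    return user.get("userPrincipalName") or app.get("displayName") or "unknown"


def _modified(event, name):
    """Decoded newValue of the named modifiedProperty across all targets, or None."""
    for target in event.get("targetResources", []):
        for prop in target.get("modifiedProperties", []):
            if prop.get("displayName") == name and prop.get("newValue"):
                return json.loads(prop["newValue"])
    return None


def _consented_scopes(event):
    text = _modified(event, "ConsentAction.Permissions") or ""
    match = re.search(r"Scope:\s*([^,\]]+)", text)
    return set(match.group(1).split()) if match else set()


def triage(events):
    """Return (severity, message) alerts for the events worth paging on."""
    alerts = []
    for e in events:
        activity, actor = e.get("activityDisplayName"), _actor(e)
        targets = ", ".join(t.get("displayName", "?") for t in e.get("targetResources", []))
        if activity in ("Add member to role", "Add eligible member to role"):
            role = _modified(e, "Role.DisplayName")
            if role in PRIVILEGED_ROLES:  # Directory Readers and the like stay quiet
                alerts.append(("high", f"{actor} assigned {role} to {targets}"))
        elif activity == "Consent to application":
            risky = sorted(_consented_scopes(e) & HIGH_RISK_SCOPES)
            detail = f" with {', '.join(risky)}" if risky else ""
            alerts.append(("high" if risky else "medium", f"{actor} consented to '{targets}'{detail}"))
        elif activity in CA_POLICY_ACTIVITIES:
            alerts.append(("high", f"{actor}: {activity} on '{targets}'"))
        elif activity == "Add service principal credentials":
            alerts.append(("medium", f"{actor} added credentials to '{targets}'"))
    return alerts


if __name__ == "__main__":
    for severity, message in triage(SAMPLE_EVENTS):
        print(f"[{severity}] {message}")
```

The consent rule deliberately fires on every grant and only raises the severity for mailbox and file scopes, since in a tenant with the admin consent workflow enabled any user-initiated grant is itself worth a look; the service principal credential rule is the detection counterpart of the Application Admin escalation path earlier in the post.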