In this week’s episode Jan Bakker, Microsoft MVP and solution architect from the Netherlands, joins us for a masterclass in extending Microsoft Entra ID beyond out-of-the-box capabilities. This episode is your complete guide to building custom identity governance and lifecycle management using Power Apps, Logic Apps, and Azure automation.

You’ll learn the fundamental building blocks of automation in the Microsoft ecosystem and how to combine them creatively.

Jan’s approach: treat Entra as a platform, not just a product.

The automation stack he teaches:

→ Power Automate (everyday workflows)→ Logic Apps (enterprise automation)→ Dynamic Groups (intelligent triggers)→ Graph API (the foundation of everything)→ Event Hub (cost-effective event streaming)

Key topics covered:

* Understanding Power Automate vs Azure Logic Apps (and when to use each)

* Managed identities and least privilege automation

* Dynamic groups as automation triggers

* Event Hub for cost-effective event-driven workflows

* Custom authentication extensions and token augmentation

* Real implementation costs ($50/month for enterprise solutions!)

From the conversation:

* Step-by-step temporary access pass automation

* Automatic refresh token revocation on account disable

* MFA method change notifications (like Gmail/Twitter)

* Guest lifecycle management and approval flows

* Conditional access policy monitoring

Whether you’re new to automation or an experienced architect, you’ll walk away with actionable ideas and a new way of thinking about identity solutions.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Jan Bakker

Jan is a Microsoft MVP and Solution Architect based in the Netherlands. He is known for his ability to make complex DevOps and Entra concepts accessible and publishes extensive guides on his blog about extending Entra capabilities.

LinkedIn: https://www.linkedin.com/in/jan-bakker/

🔗 Related Links

* Send an email on a new MFA method registration - https://janbakker.tech/send-an-email-on-a-new-azure-mfa-method-registration/

* How to build a PowerApp – Temporary Access Pass Manager - https://janbakker.tech/category/power-platform/

* Trigger Logic App on group membership changes in Entra ID - https://janbakker.tech/trigger-logic-app-on-group-membership-changes-in-entra-id/

* Poor man’s IGA: Monitor and clean up stale guest accounts - https://janbakker.tech/poor-mans-iga-monitor-and-clean-up-stale-guest-accounts/

* Poor man’s IGA: Generate Temporary Access Pass for joiners - https://janbakker.tech/poor-mans-iga-generate-temporary-access-pass-for-joiners/

* Unlocking the Power of employeeHireDate in Entra ID Dynamic Groups - https://janbakker.tech/unlocking-the-power-of-employeehiredate-in-entra-id-dynamic-groups/

* Temporary exclusions for Conditional Access using PIM for Groups - https://janbakker.tech/temporary-exclusions-for-conditional-access-using-pim-for-groups/

Sponsored by:

Shadow IT and SaaS sprawl are outpacing IT teams

It can feel impossible to tackle these app governance challenges:📦 Entra ID isn’t secure by default💥 SaaS adoption & sprawl isn’t slowing down⌨️ Citizen Development keeps rising (hello, Copilot Studio!)🗑️ Vendors often don’t remove apps after uninstall🔃 Offboarding is inconsistent or doesn’t happen at all🥔 App governance is passed around like a hot potato

ENow AppGov Score shines a light on lurking risks, providing a free App Governance Benchmark Report for your Entra tenant. Reclaim control and protect against breach & disruptions. Free upgrade to Standard Tier for 7 days once you get your score.

Secure & Govern Entra Apps Now

📗 Chapters

00:03 The Poor Man’s IGA Concept

00:07 Revoking Refresh Tokens Automatically

00:13 Power Apps for Approval Workflows

00:16 Custom Logic for Managing Guest Access

00:19 Building a Temporary Access Pass Tool

00:25 Power Automate vs. Azure Logic Apps

00:28 Triggering Automation with Event Hubs

00:31 Alerting on Security Changes via Audit Logs

00:41 Self-Service Group Management 00:44 Why You Must Learn Graph API

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill’s socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe