John Craddock's Identity Masterclass

Message from John

I would like to introduce you to my five-day Online Microsoft Identity Masterclass.

I've been working with identity and access for over 20 years. In addition to my role as an identity and security architect, I regularly present highly technical sessions at international events, including Microsoft Ignite.

Please watch the video for more details about the Masterclass.

A full outline is included below. If you or your manager has a question about the Masterclass, please email me at and we can set up a call.

Just see what others have said:

Very comprehensive course!
Loved John's enthusiasm. A lot of deep dive knowledge.
The course was very hands-on and the course material is very comprehensive and up to date.
Harri, ICT Specialist, Finland

In my roughly 20+ years in the IT industry, this was by far the best class I have taken. Not only did the class meet my expectations in content provided, it far exceeded it.

Typically, a lot of classes marked as "advanced" in any way, don't always meet everyone's expectations. The level of detail on everything was fantastic, and all of the material being kept up to date to even include recent preview features was greatly appreciated. The labs were all set up in a way that you were given enough information to succeed, but you had to actively engage to complete.

Steve, Senior Server Engineer, US
The Masterclass is excellent. It is the most in-depth content related to the management of Identity in the Microsoft arena that I have seen around. I am very satisfied! Giovanni, IT Consultant, UK
It has been an incredible experience with tons of information in a well-structured and organized course. John really knows his work and, not only he can explain almost by heart every single slide, he can also answer almost any question regardless the topic, adding examples from real world problems and notes as new topics comes on play based on actual questions. The Labs are fantastic and, if you really care to know what you are doing and not only just go step by step, you can really learn a lot. Paris, Senior Consultant, Spain
Instructor is extremely knowledgeable in course content (and beyond) and is able to take student real-world questions and answer questions and demonstrate solutions. Impressed very much with course labs. Labs challenge without spoon feeding you every little step - they give you a chance to think about the answers and apply what you have learned. Also appreciated not wasting time, with extended lunches or quitting early. Really got our money's worth. Jack, Enterprise Architect, USA
This is one of the most impressive classes I have ever had the pleasure of taking. John takes the time to go into a significant amount of detail, covering every major scenario for each Identity topic. The labs are extensive and allow the student to truly breakdown and understand each step of the process. The training experience is further enhanced by the ease at which John takes complex topics and simplifies them for all participants. Matt, Associate Director; Global Lead - IAM Engineering

Money Back Guarantee

We're so confident that you're going to love the Identity Masterclass that we guarantee it. Check out our terms and conditions for all the details. Don't worry; they're fair and straight forward too!

Masterclass details

In the Masterclass, you will learn how the identity solutions offered by Entra ID and on-premises AD will help you build identity systems for the future using protocols that include OpenID Connect and OAuth 2.0. You will learn how to implement secure authentication and authorization to applications that can be located on-premises or in the cloud. The source of identity of the users could be from your own corporate network, your Entra ID directory, a partner organization and/or a social identity provider such as Facebook or Google.

The class provides detailed learning through the extensive use of hands-on labs. Attendees will not only learn the fundamentals and principles but also learn how to deploy and troubleshoot the solutions. In-depth learning will be gained through the use of tools, such as Fiddler and Wireshark, to analyze and understand the protocol flows.

The class is continuously revised as Microsoft make changes to Entra and introduces new relevant features.

Who is it for?

The class is primarily aimed at IT professionals. However, application developers who are tasked with integrating authentication and authorization with Microsoft Entra ID and/or on-premises AD will significantly benefit from the detailed coverage. Code development is not included in the class, but you will learn about all of the configuration requirements.

The Masterclass is designed to teach you how to solve all the challenging aspects of securing apps in Entra ID and provide an optimal SSO experience for your users.

What to expect

The Masterclass is a high-energy, action-packed event crammed with factual information and tips. During the 5-days, John Craddock will help build your knowledge and consolidate your new skills with over 35 hands-on labs.


To attend the Masterclass, you need to be a confident IT administrator with a thirst for knowledge. The Masterclass doesn't teach basic Entra ID administration, but because of the extensive hands-on, you can come to this class with no prior knowledge of Entra ID. You will pick up the basics as we focus on the more challenging topics.

To gain the maximum from this class and the hands-on labs, you will need hands-on system administrator skills. For example, you will need to know how to:

  • Create and manage groups, OUs and group policies in an on-premises AD
  • Perform basic server/DC troubleshooting (for example, check if a service is running and restart it)
  • Add a DNS record
  • Add a URL to a browser's Intranet zone

Day 1

After a comprehensive introduction to today's identity challenges and solutions, you will learn the details of the authentication protocols. This in-depth coverage of the protocols will allow you to troubleshoot any problems you may encounter when deploying solutions. As we go through the hands-on labs, you will be expected to troubleshoot any issues you may encounter during the Masterclass. Of course, John will be there if you need help.

Day 1 hands-on labs include:

  • Creating an Entra ID Directory
  • Capturing and analyzing HTTP/HTTPS sessions using Fiddler
  • Enabling Kerberos on a website
  • Troubleshooting Kerberos network traffic using Wireshark
  • Tracing the WS-federation protocol

Day 2

After completing our investigation of the protocols, You'll discover how to manage Entra ID through the Portal, using PowerShell and the GraphAPIs.

Day 2 hands-on labs include:

  • Investigating OpenID Connect and OAuth 2.0
  • Adding custom domains to Entra ID
  • Managing Entra ID with PowerShell
  • Using Graph Explorer

Day 3

We will start the day investigating Entra ID authentication methods and other security measures, including Conditional Access and self-service password resets. You will learn how to sync hybrid uses from on-premises using Entra Connect Sync.

You will discover the pass-through authentication and the SSO capabilities provided by Entra Connect Sync and Windows 10.

Day 3 hands-on labs include:

  • Custom security attributes
  • Self-service password resets
  • Installing and configuring synchronization with Entra Connect Sync
  • Investigating pass-through authentication and SSO
  • Windows 10 SSO

Day 4

At this stage, you will have created a reliable identity infrastructure, and now it's time to make applications available to our users.

You will start by deploying a SaaS app to your users, configuring groups, assignments and self-service application management. You will then learn how to register your own applications with Entra ID.

We then dive into the application model and learn about managing permissions, roles, groups, delegation, APIs and consent.

Day 4 hands-on labs include:

  • Working with SaaS applications
  • Self-service application management
  • Configuring an Open ID Connect / OAuth 2.0 app with Entra ID
  • Managing permission roles and groups
  • Defining WebAPI permissions
  • Investigating consent
  • Deploying a V2 app and testing consent

Day 5

The day starts with discovering how to turn your application into a multi-tenant app and make it available to all users from all Entra tenants. You then proceed to work with the Entra Application Proxy to publish applications to the Internet. We will go on to stretch our boundaries and see how Entra ID can open access to consumers (B2C) and businesses (B2B).

The labs support three optional hands-on with AD FS. Although the full details of AD FS are no longer covered in the class, the labs are still available for anyone to experience AD FS if required. Due to time constraints, these labs will need to be done outside of class hours.

Day 5 hands-on labs include:

  • Multi-tenant applications
  • Publishing applications using the Entra Application Proxy
  • Enabling Windows Authentication via Kerberos Constrained Delegation
  • Optional to be done outside class hours
    • Configuring AD FS
    • Enabling Federated SSO
    • Installing and configuring an OpenID Connect app on AD FS
  • Multi-tenant versus federated applications
  • Managing B2B invitations and guest users

Masterclass materials

Both the hands-on manual and slides will be available in PDF format. You will also receive a copy build guide, which details how to set up the hands-on virtual environments and copies of all the scripts and demo websites.

Masterclass lab environment

The hands-on labs are all run in a cloud-based virtual environment that will be available to you after the course is completed. The labs are available for 60 days from the course start date. This will allow you to do the labs again and test out other ideas.

Book Your Place

Monday 21st - Friday 25th October 2024 9:00 - 17:00 CET

Although the Masterclass is priced slightly higher than the average 5-day training class. The premium price reflects the high-quality, in-depth technical content and of course, having John Craddock with you all week to teach you the topics and answer your questions. The class is exceptional and unique. Everyone who has attended the Masterclass has been highly satisfied and had nothing to say but praise for the content, the hands-on labs and John's teaching.


Sign up today to recieve the following bonuses free of charge - if there are still spaces avaiable for the Masterclass. Class sizes are very small, spaces are strickly limited. Signup now to avoid disapointment.

  • A 1:1 post course 1 hr Teams call with John to discuss any questions you might have - about the coruse of projects that you're working on.
  • Access to the hand-on labs after the Masterclass for an extra 60 days

This is a live training event, produced and delivered from the UK.

  • If you're outside of the Europen Union and a business - there is no VAT to pay.
  • If you're in an EU country, excluding the UK and have an EU VAT number then there is no VAT payable.
  • If you're in the UK or the rest of EU and you don't have a VAT number or an individual outside of the EU - VAT is charged at 20%
Make sure that you choose the right option, your card will need to match your choice or you may need to pay the VAT

Money Back Guarantee

We're so confident that you're going to love the Identity Masterclass that we guarantee it. Check out our terms and conditions for all the details. Don't worry; they're fair and straight forward too!

Outside the EU

For businesses & individuals who are based outside of the EU


EU - excluding UK

For businesses and individuals in the EU (excluding the UK)

€4,250 ex VAT €5,100 inc VAT

United Kingdom

For businesses and individuals in the UK

£3,635 ex VAT £4,362 inc VAT
Book your place(s) Reset payment area selection

Microsoft Identity Masterclass: Two Mastercass dates to choose from

Click here to read them Please accept the booking terms and conditions.
Order Details

Payment Details

If you have any questions please email or give us a call on +44 1865 596060.

Are you sure?

Are you sure you want to leave this page and return to the main website?

Yes! Get me out of here

Masterclass Booking Terms and Conditions

Cancellation Policy:

If for any reason you are unable to attend the course you are booked on, you may substitute, by prior arrangement and after notifying us, someone else from your organisation.

If you are unable to attend, and cannot or do not wish to give the place to someone else in your organisation our cancellation terms are as follows:

For late cancellations, at our discretion, we may offer a transfer to an alternate Masterclass. Bookings can only be transferred once.

For operational reasons we reserve the right to cancel the course / event due to low numbers or other operational reasons beyond our control. In such circumstances we will endeavour to either offer you an alternative course date or a full refund.


By booking you warrant that you have entered your country details correctly.

Your commitment:

By booking you confirm that you confident IT Administrator and have the minimum of the following skills:

Our Guarantee:

If you don’t believe the course content was valuable and you were dissatisfied, we will refund the fee that you paid. To execute this guarantee, you must:

Privacy Policy:

You have read and agreed to how your data will be handled subject to our privacy policy


Class sizes are small; there are a limited number of places available. Book now to avoid disappointment.

We use cookies to improve your experience on our site, measure the effectiveness of our marketing and to better market our services to you in the future. To accept the recommended setting, please click Accept or continue to browse this website. For more information & settings, click here to view our cookies policy
Thank you for accepting the recommended cookie settings, have been applied. You can change the settings from our Cookie Policy page.