Hello,
If we follow default instruction to enable with O365 login(AZure), run the powershell script etc and grant permissions to application what are the security consequences ?
What will happen if our Moodle instance is compromised ? Will the attacker be able to read and change passwords in Azure AD. Of course if he tricks the user to enter on his site yes, but my question is more if he gains access to source DB with aplictaion id and key ?
I hope my question is not too confusing...
Peter