1. User signs in to Windows 2. User is signed in to your app

Presentation transcript:

1. User signs in to Windows
2. User is signed in to your app

Secure storage
Credential isolation
Roaming

My Photo App App Foo

My Photo App Desktop PC Sky Drive (Microsoft Account) My Photo App Tablet PC

Typical OAuth flow
Participants: User, Application, Online service
1. Authorization request (Start URL)
2. Login page
3. Credentials
4. Authorization page
5. User decision
6. Authorization token (Redirect URL)
7. Data access

No browser control
No credential isolation

Web auth broker
Participants: User, Windows Store app, Web authentication broker (WinRT Dialog), Online service
1. Authorization request (Start URL)
2. Login page
3. Credentials
4. Authorization page
5. User decision
6. Authorization token (Redirect URL)
7. Data access

Easy to use
Credential isolation
Supports secure SSO

Architecture
[Figure labels: App's App Container, Medium Integrity Level, Different App Container]

SSO mode allows users to authenticate to services without having to re-enter credentials every time.
WAB supports SSO.
Apps need to opt in.

[Figure labels: Kernel Mode, User Mode (App Container), User Mode (Medium)]
SID: S
Contoso verifies the redirect URL for its apps (e.g. MyPhotoApp registered ms-app://S )
MyPhotoApp: redirectURI=ms-app://S ,…

Header color Title text Icon Stylized web page to do the following:

Inconsistent account UX
Extra work for you

Intuitive & consistent account UX
Saves you time

Key takeaways
Sign in once. And that's it.
Microsoft Account & Services - Live SDK
Online service providers - WebAuthBroker
Optimize your online service for best results
Cred Management - Credential Locker
Accounts UX - Accounts Control
Sign up or give up?