Presentation is loading. Please wait.

Presentation is loading. Please wait.

9/14/2018 4:36 AM The keys to the cloud Use Microsoft identities to sign in and access API from your mobile+web apps Vittorio Bertocci Principal Program.

Published byWesley Gray Modified over 6 years ago

Similar presentations

Presentation on theme: "9/14/2018 4:36 AM The keys to the cloud Use Microsoft identities to sign in and access API from your mobile+web apps Vittorio Bertocci Principal Program."— Presentation transcript:

1 9/14/2018 4:36 AM The keys to the cloud Use Microsoft identities to sign in and access API from your mobile+web apps Vittorio Bertocci Principal Program Manager @vibronet © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda Developing with Microsoft Identities Working with businesses
Microsoft Build 2017 9/14/2018 4:36 AM Agenda Developing with Microsoft Identities Working with businesses Working with consumers and customers © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Developing with Microsoft identities
Microsoft Build 2017 9/14/2018 4:36 AM Developing with Microsoft identities © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

4 …The BEST identity system for ALL developers.
Microsoft Build 2016 9/14/2018 4:36 AM …The BEST identity system for ALL developers. © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

5 Our vision An ideal identity system… Reaches the audience you want
HYBRID Organizations Individuals An ideal identity system… ON PREMISES CLOUD Reaches the audience you want Awesome cloud infrastructure Has great fundamentals Deflect 1.7M attacks per day in the consumer space Identify 400K potentially compromised users per day Every day the identity ML system processes 10TB of data Open standards WEB APP Works great with your solution MOBILE APP CLIENT SDK RESOURCE SDK

6 Developing with Microsoft identities
PORTAL AZURE AD CLIENT SDK MOBILE APP

7 Working with businesses
Microsoft Build 2017 9/14/2018 4:36 AM Working with businesses © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

8 9/14/2018 4:36 AM Azure Active Directory in the Marketplace Every Office 365 and Microsoft Azure customer uses Azure Active Directory organizations 12.8M users 950M 3rd party apps in Azure AD 272K paid Azure AD / EMS customers 56K of Fortune 500 companies use Azure AD 90% +30% YoY +45% YoY +200% YoY +74% YoY © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 90% of Fortune 500 use Azure AD
Business and Azure AD 90% of Fortune 500 use Azure AD BROWSER AZURE AD MYDAY

10 Using Microsoft identities in a web app
Microsoft Build 2016 9/14/2018 4:36 AM Using Microsoft identities in a web app AZURE AD OIDC MIDDLEWARE WEB APP BROWSER © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

11 Demo Use Microsoft identities in your web app 9/14/2018 4:36 AM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

12 ASP.NET Middleware Modules for processing HTTP requests/responses
9/14/2018 4:36 AM ASP.NET Middleware Modules for processing HTTP requests/responses Server-independent (ASP.NET Core) Platform-independent Modules for every protocol OAuth2 (web APIs) OpenId Connect (web apps) WS-Federation (web apps) Automates: Token validation (via service metadata) Protocol enforcement © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13 ASP.NET Core Middleware
Traditional ASP.NET Application Model ASP.NET Core Middleware

14 ASP.NET Core Middleware

15 Using Microsoft identities in mobile apps
Microsoft Build 2016 9/14/2018 4:36 AM Using Microsoft identities in mobile apps R AZURE AD SQL Azure MICROSOFT API MSAL A MOBILE APP A A R © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Microsoft Authentication Library (MSAL)
9/14/2018 4:36 AM Microsoft Authentication Library (MSAL) SDK for gaining access to API protected by Microsoft identities Fully OSS, easy to use, full-featured, production-ready Works with Azure AD v2 (work & school accounts, personal accounts) and B2C Available on .NET 4,5x, .NET Core, Xamarin (iOS, Android, UWP) iOS (ObjC/Swift) Android (Java) Javascript SafariViewController on iOS, Chrome custom tabs on Android © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

17 MSAL PublicClientApplication myApp =
9/14/2018 4:36 AM MSAL PublicClientApplication myApp = new PublicClientApplication("a7d8cef b2-a91d-95c54051fa3f") string[] scopes = { "Mail.Read" }; AuthenticationResult rez = await myApp.AcquireTokenAsync(scopes); © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

18 Demo Use Microsoft identities in your mobile app – with MSAL
9/14/2018 4:36 AM Demo Use Microsoft identities in your mobile app – with MSAL © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

19 MSAL and token lifecycle
9/14/2018 4:36 AM MSAL and token lifecycle Don’t save tokens, just keep calling AcquireToken* MSAL will do its best to avoid prompting MSAL works with a sophisticated cache Persistent cache for iOS, Android and UWP Inmemory elsewhere - easy to customize to arbitrary storage Cached tokens are matched to requests according to Authority Scopes ClientId User © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

20 Microsoft Graph ACTIVITY CONTENT CONVERSATIONS INSIGHTS ME TRENDING
Microsoft Build 2017 9/14/2018 4:36 AM Microsoft Graph ACTIVITY CONTENT CONVERSATIONS INSIGHTS ME TRENDING ORGANIZATION GROUPS CHATS REPORTS DOCUMENTS EVENTS DEVICES SHARED CONTACTS SITES PEOPLE TASKS TEAMS © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

21 With Microsoft Graph Get the user profile Yina Tristan Groups Dmitry
Microsoft Build 2017 9/14/2018 4:36 AM GET: /users/yina { "displayName": "Yina", "jobTitle": "PRINCIPAL PM MANAGER", } GET: /users/yina/photo/… {} GET: /users/yina/manager {"displayName": "Tristan", …} GET: /users/yina/directReports "value" : [ {"displayName": "Matt", …}, {"displayName": "Dmitry", …}, ] GET: /me/memberOf/… {"displayName": "Office engineering", …}, {"displayName": "Women in tech", …}, With Microsoft Graph Get the user profile Tristan manager Groups memberOf Yina Dmitry Matt Sudhi directReports © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

22 Microsoft Build 2017 9/14/2018 4:36 AM GET /me/drive/root/… "value" : [ {"name": "proposal.pptx",… }, {"name": "forecast.xlsx",… } ] GET /drives/items/{id}/workbook GET /me/messages GET /me/events GET /me/contacts GET /me/onenote/notebooks GET /me/planner/tasks GET /me/devices GET /sites:/teams/opg:/ GET /sites:/teams/opg:/lists GET /groups/{id}/conversations ` With Microsoft Graph Get content for , calendar, files, tasks, sites, notes & more Documents Calendar Sites Tasks Meetings Contacts © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

23 With Microsoft Graph Get insights based on activities Out of office
Microsoft Build 2017 9/14/2018 4:36 AM GET /me/insights/trending "value" : [ {"name": "presentation.pptx", …}, {"name": "forecast.xlsx", …} ] GET /me/drive/recent {"name": "guidelines.pptx", …}, {"name": "budget.xlsx", …} GET /me/people/?$search="topic: planning" {"displayName": "Dan", …}, {"displayName": "Sean", …}, POST /me/findMeetingTimes { "attendees": [ "type": "required", " Address": { "address": } ], "meetingDuration": "2h" With Microsoft Graph Get insights based on activities Out of office Trending Documents Find me the best time to meet Ana Search people based on topics People I’m working with Recent Documents © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

24 Working with consumers and customers
Microsoft Build 2017 9/14/2018 4:36 AM Working with consumers and customers © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

25 Azure Active Directory B2C
9/14/2018 4:36 AM Azure Active Directory B2C For app devs: Add registration and sign in to your app in minutes Reach any user, on any platform Select from a set of built-in, self-service identity experiences Customize each pixel. It’s your brand, your HTML and CSS Scale to 100s of millions of user accounts Run on the same secure, highly available infrastructure that powers O365 authentications © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

26 MSAL, Middleware & Visual Studio Templates
MSAL works with B2C, on all available platforms The ASP.NET middleware works with B2C (all versions) It’s just OpenId Connect! New web app templates in Visual Studio New ASP.NET Core apps can use Azure AD B2C from the get–go New individual auth projects also use OIDC, easy to migrate

27 Demo Connect to a B2C app via Visual Studio 9/14/2018 4:36 AM
© Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

28 Azure Active Directory B2C
9/14/2018 4:36 AM Azure Active Directory B2C For identity pros: Build custom identity solutions Define user journeys step by step, add conditions and branches Migrate from or integrate with existing user stores Integrate with other tools you use (e.g. CRM, Marketing) Integrate any OIDC or SAML identity providers © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

29 Demo Authenticate business users in a B2C application
9/14/2018 4:36 AM Demo Authenticate business users in a B2C application © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

30 Get your hands dirty! Start here:

31 Identity @ Ignite | Thursday
9/14/2018 4:36 AM Ignite | Thursday BRK2018 Share corporate resources with your partners using Azure Active Directory B2B collaboration OCCC W230 Thu 9:00–10:15 Mary Lynch Sarat Subramaniam Laith Al Shamri BRK3207 The keys to the cloud: Use Microsoft identities to sign in and access API from your mobile+web apps OCCC S310 Thu 10:45-12:00 Vittorio Bertocci BRK3012 Secure access to Office 365, SaaS and on-premises apps with Microsoft Enterprise Mobility + Security OCCC W311 Caleb Baker Chris Green BRK3013 Ensure users have the right access with Azure Active Directory OCCC Valencia W415 AB Thu 12:30–1:45 Joseph Dadzie Mark Wahl BRK3015 Deep-dive: Azure Active Directory Authentication and Single-Sign-On OCCC West Hall E1 Thu 2:15-3:30 John Craddock BRK3014 Azure Active Directory best practices from around the world Thu 4:00–5:15 Tarek Dawoud Mark Morowczynski Ignite | Friday BRK2276 Modernize your customer identity management with Azure Active Directory B2C OCCC W314 Friday 9:00-9:45 Saeed Akhter © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

32 Our vision, our mission …The BEST identity system for ALL developers.
HYBRID USERNAME & PASSWORDS STORE ON PREMISES CLOUD Organizations Individuals Awesome cloud infrastructure Open standards WEB APP MOBILE APP CLIENT SDK RESOURCE SDK …The BEST identity system for ALL developers.

33 Please evaluate this session Your feedback is important to us!
9/14/2018 4:36 AM Please evaluate this session Your feedback is important to us! From your PC or Tablet visit MyIgnite at From your phone download and use the Ignite Mobile App by scanning the QR code above or visiting © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

34 9/14/2018 4:36 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Download ppt "9/14/2018 4:36 AM The keys to the cloud Use Microsoft identities to sign in and access API from your mobile+web apps Vittorio Bertocci Principal Program."

Similar presentations

Success through People with LinkedIn and O365

Success through People with LinkedIn and O365
A lap around Azure Active Directory Business to Consumer (B2C)

A lap around Azure Active Directory Business to Consumer (B2C)
Microsoft Ignite 2016 4/27/2018 9:00 AM THR2016

Microsoft Ignite /27/2018 9:00 AM THR2016
Make your app a native part of Office with Add-ins

Make your app a native part of Office with Add-ins
Microsoft Ignite /10/2018 3:38 AM

Microsoft Ignite /10/2018 3:38 AM
Create beautiful, fast, interactive pages in SharePoint

Create beautiful, fast, interactive pages in SharePoint
5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.

5/21/2018 9:40 PM BRK3021 Learn about modern infrastructure roles in RDS: Next generation Windows desktop & app virtualization Clark Nicholson - Principal.
S4 Solution Specialist Sales Summit

S4 Solution Specialist Sales Summit
Creating Enterprise Grade BI Models with Azure Analysis Services

Creating Enterprise Grade BI Models with Azure Analysis Services
Mobile App Trends: lifecycle, functions, and cognitive

Mobile App Trends: lifecycle, functions, and cognitive
Microsoft 2016 6/4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,

Microsoft /4/2018 8:21 AM BRK3082 Build solutions and apps with Microsoft OneDrive API and Microsoft Graph API Ryan Gregg Principal Program Manger,
6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Rottem @AmitaiTechie Senior Program Manager,

6/10/2018 5:07 PM THR2218 Deploying Windows Defender AV and more with Intune and Configuration Manager Amitai Senior Program Manager,
9/11/2018 12:51 AM Cloud Roadshow © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO.

9/11/ :51 AM Cloud Roadshow © 2014 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO.
SaaS Application Deep Dive

SaaS Application Deep Dive
Developing Hybrid Apps on Microsoft Azure Stack

Developing Hybrid Apps on Microsoft Azure Stack
Microsoft 2016 6/17/2018 4:24 AM BRK4012 Dive deep on Skype Web SDK & Skype for Business App SDK - Build apps across Web, IOS & Android Srividhya Chandrasekaran Amit.

Microsoft /17/2018 4:24 AM BRK4012 Dive deep on Skype Web SDK & Skype for Business App SDK - Build apps across Web, IOS & Android Srividhya Chandrasekaran Amit.
Build Connected Productivity Apps for SharePoint and Office

Build Connected Productivity Apps for SharePoint and Office
6/25/2018 11:13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.

6/25/ :13 PM BRK1076 Make Windows devices more secure by taking them out of your existing infrastructure Chris Rhodes & Andrew Bettany MCTs & MVPs.
Microsoft Virtual Academy

Microsoft Virtual Academy
The power of common identity across any cloud

The power of common identity across any cloud

Similar presentations

Ads by Google