Presentation is loading. Please wait.

Presentation is loading. Please wait.

Build 2015 4/17/2017 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION.

Published byEvan Thompson Modified over 9 years ago

Similar presentations

Presentation on theme: "Build 2015 4/17/2017 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION."— Presentation transcript:

1 Build 2015 4/17/2017 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Develop Modern Native Applications with Azure Active Directory
Build 2014 4/17/2017 2-769 Develop Modern Native Applications with Azure Active Directory Vittorio Bertocci @vibronet Principal Program Manager © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Going Native or Multi Target Stacks?

4 Choose any platform or dev stack…
iOS Android Windows ADAL .NET + Xamarin C#/JS Apache Cordova Plugin for ADAL ADAL Obj-C ADAL Android ADAL .NET Native WebAccountManager …Azure AD has your back.

5 Agenda The Token Requestor Pattern Going Native Going Multitarget
Windows 10, Windows 7+ iOS Android Going Multitarget Xamarin Cordova

6 Azure AD by the Numbers 86%
Azure AD manages identity data for >5 M organizations 86% of Fortune 500 companies on Microsoft Cloud (Azure, O365, CRM Online and PowerBI) More than 500 M objects hosted on Azure Active Directory 1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every day on Azure AD Every Office 365 and Microsoft Azure customer uses Azure Active directory

7 Identity, Native Clients, and Azure AD

8 Native Clients and Identity
Build 2015 4/17/2017 8:11 PM Native Clients and Identity R1 App1 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9 Native Clients, Identity and Azure AD
Build 2015 4/17/2017 8:11 PM Native Clients, Identity and Azure AD R1 App1 R2 SAML WS-Fed OAuth-A OAuth-T contoso.onmicrosoft.com App1 R2 R1 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

10 Going Native

11 Going Native Windows 10 – WebAccountManager Windows 7+– ADAL .NET
iOS – ADAL ObjC Android – ADAL Android

12 Windows 10 WebAccountManager
App1 Web Account Manager Windows Web Account Provider 1 Web Account Provider 1 <<< System accounts

13 WebAccountManager API and AAD
General token acquisition pattern FindAccountProviderAsync <WebTokenRequest> RequestTokenAsync / GetTokenSilentlyAsync WebTokenRequestResult

14 Registering a Universal App with Azure AD
Every app must be registered in Azure AD declare in advance what resources it wants to access To register your app to use WAM, you need its SID Execute WebAuthenticationBroker.GetCurrentApplicationCallbackUri().ToString(); The SID is the red part: ms-app://s Important: change the ‘s’ in the SID to UPPERCASE You need to use the SID at registration time to build a redirect uri as follows: ms-appx-web://Microsoft.AAD.BrokerPlugIn/S

15 DEMO Getting Azure AD tokens via WebAccountManager
Build 2015 4/17/2017 8:11 PM DEMO Getting Azure AD tokens via WebAccountManager © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

16 Targeting Windows 7 onward
Redistributable libraries help you to prompt users, perform requests, handle sessions

17 Active Directory Authentication Library (ADAL)
Available on multiple platforms .NET, Windows Store, Windows Phone 8.1, iOS, Android, Node.JS, Java Open source Consistent primitives, native programming models Sophisticated features Works across Windows Server and Azure Active Directory Cache and automatic refresh Multi user support NOT a protocol library

18 ADAL – Main Token Acquisition Pattern
Abstracts away most protocol considerations Handles tokens persistence & refresh automatically AuthenticationContext ctx= new AuthenticationContext(" AuthenticationResult rez = await ctx.AcquireTokenAsync( " "5fc4a5a2-78d5-4d94-b890-a6e6b ");

19 ADAL .NET Current supported version: V2.x Desktop
Default cache in-memory Extra flows for public clients only: Windows integrated authentication Direct use of username & password Windows Store, Windows Phone 8.1 Persistent per-app cache Windows Runtime Components Works with C#, WinJS, C++

20 DEMO Getting Tokens via ADAL .NET

21 ADAL or WebAccountManager?
If you are targeting Windows 10 onward exclusively For apps that use more than one provider type ADAL .NET For Azure AD and ADFS only If you are targeting all versions of Windows from Win7 onward If you want to target iOS and Android via Xamarin If you need authentication flows not covered by WebAuthenticationBroker direct username/password, app identity A future ADAL .NET release will use WAM on Win10

22 ADAL iOS OSS Objective C library How to get it: source ZIP, Cocoapods
Persistent cache via KeyChain Apps from the same publisher can share tokens NTLM

23 ADAL Android OSS Java library
How to get it: source ZIP, git clone, Gradle, Maven Persistent cache on shared preference file Encrypted via AndroidKeyStore Integrated with the Account Manager Via Azure Authenticator app - NTLM

24 Targeting Multiple Platforms at Once: Xamarin, Apache Cordova

25 Xamarin Use C# to target popular mobile platforms
Reuse code across multiple platforms iOS Android Win8+ Store Shared C# code

26 ADAL v3 and Xamarin A PCL containing all the main primitives
Build 2015 4/17/2017 8:11 PM ADAL v3 and Xamarin A PCL containing all the main primitives Platform specific assemblies handling presentation, token storage Dynamic dependency injection ADAL .NET v3 Nuget C# iOS Project C# Android Project C# Windows Project PCL Android PCL iOS PCL iOS .NET Desktop Android PCL Project Windows Store Windows Phone 8.1 Store PCL © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

27 DEMO Getting Azure AD tokens for a C# iOS app

28 Apache Cordova Plugin for ADAL
JavaScript façade to native ADALs R1 App1 Cordova Frame JS App Adal Cordova Plugin Adal Native

29 DEMO Getting Azure AD Tokens from a Cordova JavaScript App

30 Choose any platform or dev stack…
iOS Android Windows ADAL .NET + Xamarin C#/JS Apache Cordova Plugin for ADAL ADAL Obj-C ADAL Android ADAL .NET Native WebAccountManager …Azure AD has your back.

31 Next Steps Sign up for an Azure trial to get Azure AD
You won’t be charged if you only use Azure AD free capabilities Check out the Azure AD Developer Guide Azure.com  Documentation  ID&A Management  Active Directory  Develop Go deeper at //build Vittorio Bertocci: “Develop Modern Web Applications with Azure AD” (2-753) Vittorio Bertocci: “Develop Modern Native Applications with Azure AD” (2-769) Mat Velloso: “Cloud Auth Troubleshooting and Recipes for Developers” (2-740) Subscribe to AD team blog or search for “active directory team blog”

32 Resources Improve your skills by enrolling in our free cloud development courses at the Microsoft Virtual Academy. Try Microsoft Azure for free and deploy your first cloud solution in under 5 minutes! Easily build web and mobile apps for any platform with AzureAppService for free.

33

Download ppt "Build 2015 4/17/2017 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION."

Similar presentations

Agenda AD to Windows Azure AD Sync Options Federation Architecture

Agenda AD to Windows Azure AD Sync Options Federation Architecture
Vision and Platform: Cloud First-Mobile First Eduardo Mangarelli Sr. Director of Technology, Microsoft

Vision and Platform: Cloud First-Mobile First Eduardo Mangarelli Sr. Director of Technology, Microsoft
Azure AD & Office 365 1. Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.

Azure AD & Office Logon with Username / Password 2. MFA challenge 3. Reply to MFA challenge -1-way or 2-way SMS -Phone call -Mobile Application.
SYNC DEMO “We bought Grandma a new TV. This is what my Dad did to her remote.”

SYNC DEMO “We bought Grandma a new TV. This is what my Dad did to her remote.”
 Lynn Ayres Program Manager Identity Services  Tore Sundelin Program Manager Identity Services BB29.

 Lynn Ayres Program Manager Identity Services  Tore Sundelin Program Manager Identity Services BB29.
Microsoft Ignite /16/2017 3:37 PM

Microsoft Ignite /16/2017 3:37 PM
Microsoft Cloud Microsoft Confidential SaaS Office 365 Azure SQL PaaS Azure Storage Azure HDInsight IaaS SQL Server Apache One common problem: “How.

Microsoft Cloud Microsoft Confidential SaaS Office 365 Azure SQL PaaS Azure Storage Azure HDInsight IaaS SQL Server Apache One common problem: “How.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
Active Directory federation user provisioning.

Active Directory federation user provisioning.
Build 2015 4/16/2017 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION.

Build /16/2017 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every day.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every day.
Active Directory federation user provisioning.

Active Directory federation user provisioning.
Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.

Cloud app Cloud app Cloud app Separate username/password sign-in Manual or semi-automated provisioning Active Directory App Separate username/password.
UAGSharePoint InternetIntranet.

UAGSharePoint InternetIntranet.
Resource App Resource App Resource authorization server authorization endpoint token endpoint A A R.

Resource App Resource App Resource authorization server authorization endpoint token endpoint A A R.
Authenticate user AuthenticationContext aCtx = new AuthenticationContext(“https://sts.contoso100.com/adfs); AuthenticationResult.

Authenticate user AuthenticationContext aCtx = new AuthenticationContext(“ AuthenticationResult.
Cross Platform Mobile Backend with Mobile Services James

Cross Platform Mobile Backend with Mobile Services James
© User:Digitalsignal / Wikimedia Commons / CC-BY-SA-3.0User:DigitalsignalWikimedia CommonsCC-BY-SA-3.0.

© User:Digitalsignal / Wikimedia Commons / CC-BY-SA-3.0User:DigitalsignalWikimedia CommonsCC-BY-SA-3.0.
Single Sign-On with Microsoft Azure

Single Sign-On with Microsoft Azure

Similar presentations

Ads by Google