Presentation is loading. Please wait.

Presentation is loading. Please wait.

Office 365 Platform Flexible Tools Each Office 365 Workload API required different Authentication.

Published byRosemary Linda Palmer Modified over 9 years ago

Similar presentations

Presentation on theme: "Office 365 Platform Flexible Tools Each Office 365 Workload API required different Authentication."— Presentation transcript:

1

2

3

4

5

6 Office 365 Platform Flexible Tools

7 Each Office 365 Workload API required different Authentication

8 Sign-On experience using Organizational Account Combined Consent Across all Office 365 APIs

9

10

11 https://sessionpicker.net Request to authorization endpoint: client_id, redirect_uri, response_type=code Request to authorization endpoint: client_id, redirectUri, response_type=code prompt=admin_consent Sign-Up using OAuth 2 Authorization Flows Admin and User consent-able permissions Sign-In can also use OpenID Connect in future

12

13 App AAD OAuth2 server Authorization/Token Issuing endpoints Office 365 Exchange API endpoint Use Code to get Exchange API Token Token Response Call API with Token Use refresh token to get SharePoint API Token Token Response Call API with Token Office 365 SharePoint API endpoint User Authorization Request User Login & Consent Code

14 Application only needs to maintain single RefreshToken

15 15 ClaimExampleIntended Purpose Tenant ID [tid]09f9ea02-9be8-4597-86b9-32935a17723eImmutable tenant identifier UPN [upn]mattleib@imgeeky.ccsctp.netDisplay only First Name [given_name]MatthiasDisplay only Last Name [family_name]LeibmannDisplay only Object ID [oid]b6e5ea27-e04a-49b6-9677-e404d87d0b9eImmutable security identifier Go here for more information on MSDN

16

17 *Features are dependent on platform, see ADAL documentation for more information

18

19

20 1. Register application with Azure AD in your Dev tenant. Requires tenant with an Azure subscription and O365 subscription. 2. Configure your application registration with the permissions it needs, using Azure Management Portal 3. Build app code – decide on user sign up, admin sign up or both. Use OAuth flow for sign up, and get back info on the signed up user/tenant and store in your app profile database. 4. Test consent flow using a set of test directory tenants (easily created) 5. Test revocation for admin and user (through the app access panel – coming soon) 4. Deploy and maintain Visual Studio Tooling available to integrate apps with AAD and Office 365 APIs

21

22

23

24

25

26 EntityCollectionActions CalendarGroupCalendarGroups CalendarCalendars EventEventsCRUD, Accept, Decline, TentativelyAccept AttachmentAttachmentsCRUD

27

28

29 EntityCollectionActions FolderFoldersCRUD, Copy, Move MessageMessages CRUD, Copy, Move Reply, ReplyAll, Forward, Send CreateReply, CreateReplyAll, CreateForward AttachmentAttachmentsCRUD

30

31 EntityCollectionActions ContactFolderContactFolders ContactContacts CRUD

32 ScenarioURL Get 5 messages from Inbox https://outlook.office365.com/EWS/OData/Me/Inbox/Messages?$top= 5 Get the next 10 messages https://outlook.office365.com/EWS/OData/Me/Inbox/Messages?$top= 10&$skip=5 Get top 10 messages sorted by DateTimeCreated https://outlook.office365.com/EWS/OData/Me/Inbox/Messages?$top= 10&$skip=10&$orderby=DateTimeCreated Get selective properties on messages https://outlook.office365.com/EWS/OData/Me/Inbox/Messages?$top= 5&$select=From,DateTimeCreated,Subject Get Events starting after a particular DateTime https://outlook.office365.com/EWS/OData/Me/Events?$top=5&$select =Subject,Start,End&$filter=Start ge 2014-03-04T20:00:00Z Get Contacts where Display Name contains ‘Rohit’ https://outlook.office365.com/EWS/OData/Me/Contacts?$top=10&$fil ter=contains(DisplayName,’Rohit’)

33

34 Auth to Office 365 APIsMail, Calendar, Contacts Rest API

35 Auth to Office 365 APIs Mail, Calendar, Contacts Rest API Feedback mattleib@microsoft.com, rohitag@microsoft.commattleib@microsoft.comrohitag@microsoft.com

36

37 Sponsored by

38

Download ppt "Office 365 Platform Flexible Tools Each Office 365 Workload API required different Authentication."

Similar presentations

FI-WARE Testbed Access Control temporary solution.

FI-WARE Testbed Access Control temporary solution.
Patterns & practices Symposium 2013 Windows Azure Active Directory Vittorio

Patterns & practices Symposium 2013 Windows Azure Active Directory Vittorio
DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.

DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.

1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
Desktop Mobile Xbox IoT Holographic Surface Hub Universal Windows Platform Core APIs.

Desktop Mobile Xbox IoT Holographic Surface Hub Universal Windows Platform Core APIs.
EntityCollectionActions FolderFoldersCRUD, Copy, Move MessageMessages CRUD, Copy, Move, Reply, ReplyAll, Forward, Send, CreateReply,

EntityCollectionActions FolderFoldersCRUD, Copy, Move MessageMessages CRUD, Copy, Move, Reply, ReplyAll, Forward, Send, CreateReply,
THE WORLD HAS CHANGED INFORMATION MOVES SLOWLY COMMAND AND CONTROL TRADITIONAL HIERARCHIES INFORMATION TRAVELS FAST LEARN AND ADAPT RESPONSIVE.

THE WORLD HAS CHANGED INFORMATION MOVES SLOWLY COMMAND AND CONTROL TRADITIONAL HIERARCHIES INFORMATION TRAVELS FAST LEARN AND ADAPT RESPONSIVE.
4 100’s of millions of Users  Office 365 (now), Outlook.com (soon), hybrid and on-premises on our roadmap Engaged Users Powerful, intuitive way to.

4 100’s of millions of Users  Office 365 (now), Outlook.com (soon), hybrid and on-premises on our roadmap Engaged Users Powerful, intuitive way to.
GRDevDay March 21, 2015 Cloud-based Identity for Applications.

GRDevDay March 21, 2015 Cloud-based Identity for Applications.
z _api.

z _api.
Vienna/Austria Authenticate as entitled user or app for the individual service Authenticate as entitled user for our web portal Decide what.

Vienna/Austria Authenticate as entitled user or app for the individual service Authenticate as entitled user for our web portal Decide what.
Clients using wide variety of devices/languages/platforms Server applications using wide variety of platforms/languages Browser Native app Server.

Clients using wide variety of devices/languages/platforms Server applications using wide variety of platforms/languages Browser Native app Server.
Resource App Resource App Resource authorization server authorization endpoint token endpoint A A R.

Resource App Resource App Resource authorization server authorization endpoint token endpoint A A R.
Fraser Technical Solutions, LLC

Fraser Technical Solutions, LLC
SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.

SPC204 Security Problems in SharePoint 2010 Authentication and Authorization.
Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.

Matt Steele Senior Program Manager Microsoft Corporation SESSION CODE: SIA326.
z Native Application Azure AD Authorization Endpoint Azure AD Token Endpoint Office 365 API.

z Native Application Azure AD Authorization Endpoint Azure AD Token Endpoint Office 365 API.
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
(Azure+O365) Identity Presenter Name Position or role Microsoft Azure.

(Azure+O365) Identity Presenter Name Position or role Microsoft Azure.
Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Empowering people-centric IT Unified device management Access and information protection Desktop Virtualization Hybrid Identity.

Similar presentations

Ads by Google