Windows Azure Active Directory: Enabling Single Sign On and Directory Services for Cloud SaaS Apps
Vittorio Bertocci, Principal Program Manager. Session 3-042.
One Cloud Directory for Every Organization: cloud apps and users from organizations, covering your LoB apps, the apps you sell and the apps you buy.
Cloud Apps and Users from Organizations (diagram labels)
• Your LoB Apps
• Apps you Sell
• Apps you buy
• Your Customers’ Directories
• Your Directory
Agenda
• The Directory Pattern
• Directory in Action: Windows Azure for Organizations
• Your Directory and Line of Business Apps in the Cloud
• Your Customer’s Directory and your SaaS Apps in the Cloud
The Directory Approach (diagram labels: DirectReports, MemberOf, Asset)
Anatomy of Windows Azure Active Directory (diagram labels)
• Windows Azure Active Directory, exposing: OAuth2, Management Portal, SAML-P, WS-Federation, Graph API, Metadata
• Contoso’s WA AD Tenant, containing App A and App M
• Dir Sync from Contoso’s On-Premises Directory
DEMO • Accessing the Windows Azure Portal With an Organizational Identity
Advantages of Using Organizational Identities
• In a word: control
• Centrally managed provisioning and deprovisioning
• Enforceable credential policies
• Multiple authentication factors
• Better user experience
• Fewer credentials to remember
DEMO • Using the ASP.NET tools to connect to Windows Azure AD
Connecting your LoB App to Windows Azure AD (diagram labels)
• Your LoB App: WIF Config, WIF Modules
• Contoso’s WA AD Tenant: ServicePrincipal
The Graph API
• RESTful interface to Windows Azure Active Directory
• Compatible with OData V3
• Uses OAuth 2.0 for authentication, and role-based assignment for applications and users for authorization
• Programmatic access to Windows Azure Active Directory
• Objects such as Users, Groups, Contacts, Tenant Information, Licensing, Roles
• Supports links such as Member, memberOf, Manager, DirectReport
• Differential queries
• Requests use standard HTTP methods: GET, POST, PATCH, DELETE to create, read, update, and delete directory objects
• Responses support XML and JSON, and standard HTTP status codes
DEMO • Seamless Consent for SaaS Apps
The Application Publishing Flow (Windows Azure AD Portal, Seller Dashboard, Visual Studio App)
• Register your app in the Seller Hub
  - create keys, catalog entries…
  - paste keys back in the app code
• Modify your app to
  - admit multiple tenants
  - handle consent messages
DEMO • The SaaS Application Publishing Cycle
Multi-tenancy and Consent Flow (diagram labels)
• Your SaaS App: WIF Config, MultitenantTokenHandler Reference, WIF Modules, Consent Module, MultitenantTokenHandler
• Fabrikam’s WA AD Tenant: ServicePrincipal
• Contoso’s WA AD Tenant: ServicePrincipal
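The check that "admit multiple tenants" implies, written out as an added example rather than code from the session or from the WIF MultitenantTokenHandler: a SaaS app receiving organizational tokens from many directories must accept only the tenants that completed the consent flow (the ones holding a ServicePrincipal for the app), and must still tie the token to its own audience and lifetime. The issuer shape, claim names and tenant IDs below are assumptions modelled on Windows Azure AD of that era; signature verification is assumed to have already happened in WIF.

```python
import re
from datetime import datetime, timezone

# Assumed App ID URI: the audience the directory writes into tokens for this app.
APP_ID_URI = "https://fabrikam-saas.example/app"

# Constructed consent registry: tenant IDs whose administrator consented, i.e.
# tenants in which a ServicePrincipal for this app now exists.
CONSENTED_TENANTS = {
    "d1c4e3f2-0000-4000-8000-000000000001",  # Contoso (constructed ID)
    "d1c4e3f2-0000-4000-8000-000000000002",  # Fabrikam (constructed ID)
}

# Assumed issuer shape: https://sts.windows.net/<tenant id>/
ISSUER_RE = re.compile(r"^https://sts\.windows\.net/([0-9a-f-]{36})/$")


def tenant_from_issuer(issuer):
    """Extract the tenant ID from a Windows Azure AD issuer, or None."""
    m = ISSUER_RE.match(issuer)
    return m.group(1) if m else None


def accept_token(claims, now=None):
    """Multi-tenant acceptance layer on a signature-verified claim set.

    Returns (accepted, detail): detail is the tenant ID on success, otherwise
    the reason for rejection. Any tenant of the directory can mint a validly
    signed token, so the consent registry is what keeps strangers out."""
    now = now or datetime.now(timezone.utc)
    tid = tenant_from_issuer(claims.get("iss", ""))
    if tid is None:
        return False, "issuer is not a Windows Azure AD tenant"
    if claims.get("tid") != tid:
        return False, "tid claim does not match the issuer's tenant"
    if tid not in CONSENTED_TENANTS:
        return False, "tenant has not consented to this app"
    if claims.get("aud") != APP_ID_URI:
        return False, "token was issued for a different application"
    exp = claims.get("exp")
    if exp is None or datetime.fromtimestamp(exp, tz=timezone.utc) <= now:
        return False, "token expired or has no expiry"
    return True, tid


def sample_claims(tid, aud=APP_ID_URI, exp=4102444800):
    # Constructed claim set as it would look after WIF verified the signature.
    return {"iss": f"https://sts.windows.net/{tid}/", "tid": tid, "aud": aud, "exp": exp}
```

Plugging a tenant ID in from any directory yields a well-formed issuer, so the registry lookup, not the issuer pattern, is the decisive step.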
DEMO • Using BOX with Windows Azure Active Directory
One Cloud Directory for Every Organization (closing diagram labels)
• Windows Azure Active Directory
• Your LoB Apps
• Apps you Sell
• Apps you buy
• Your Customers’ Directories
• Your Directory
Resources
• Develop: http://msdn.microsoft.com/en-US/windows/apps/br229512
• Design: http://design.windows.com/
• Samples: http://code.msdn.microsoft.com/windowsapps/Windows-8-Modern-Style-App-Samples
• Videos: http://channel9.msdn.com/Windows
Please submit session evals by using the Build Windows 8 app or at http://aka.ms/BuildSessions