Windows Azure Active Directory. Vittorio Bertocci, vittorib@Microsoft.com, @vibronet. Directories offer the best model for business applications. Traditional directories don’t work too well with cloud workloads. One Cloud Directory for Every Organization.
Windows Azure Active Directory Vittorio Bertocci vittorib@Microsoft.com @vibronet
Traditional directories don’t work too well with cloud workloads
Cloud Apps and Users from Organizations • Your LoB Apps • Apps you sell • Apps you buy • Your Customers’ Directories • Your Directory
Agenda • The Directory Pattern • Directory in Action: Windows Azure for Organizations • Your Directory and Line of Business Apps in the Cloud • Your Customer’s Directory and your SaaS Apps in the Cloud
The Directory Approach • MemberOf • Direct Reports • Asset
Anatomy of Windows Azure Active Directory • OAuth2 • Management Portal • SAML-P • WS-Federation • Graph API • Metadata • Dir Sync • Contoso’s WA AD Tenant • Contoso’s On-Premises Directory • App
DEMO • Accessing the Windows Azure Portal With an Organizational Identity
Advantages of Using Organizational Identities • Centrally managed provisioning and deprovisioning • Enforceable credential policies • Multiple authentication factors • Better User Experience • Fewer credentials to remember
DEMO • Using the ASP.NET tools to connect to Windows Azure AD
Connecting your LoB App to Windows Azure AD • WIF Config • WIF Modules • ServicePrincipal • Your LoB App • Contoso’s WA AD Tenant
The Graph API • RESTful interface to Windows Azure Active Directory • Compatible with OData V3 • Uses OAuth 2.0 for authentication, and role-based assignment for applications and users for authorization • Programmatic access to Windows Azure Active Directory • Objects such as Users, Groups, Contacts, Tenant Information, Licensing, Roles • Supports links such as Member, memberOf, Manager, DirectReport • Differential queries • Requests use standard HTTP methods: GET, POST, PATCH, DELETE to create, read, update, and delete directory objects • Responses support XML and JSON, and standard HTTP status codes
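An added example, not taken from the slides or from Microsoft's samples: it builds Graph API requests with the verb mapping from the slide above and makes a group-based authorization decision from a memberOf response. The host `graph.windows.net`, the `api-version` value, the response fields `objectType` and `objectId`, and all function names are assumptions of this sketch; the sample response is constructed.

```python
import json
from urllib.parse import quote

# Assumed, not on the slides: the Graph host and the api-version string.
GRAPH_HOST = "https://graph.windows.net"
API_VERSION = "2013-04-05"
# The slide's mapping of directory operations to HTTP methods.
VERBS = {"create": "POST", "read": "GET", "update": "PATCH", "delete": "DELETE"}


def graph_request(tenant, operation, path, access_token, body=None):
    """Return (method, url, headers, payload) for one directory operation."""
    method = VERBS[operation]  # KeyError for anything outside the four verbs
    if (body is not None) != (method in ("POST", "PATCH")):
        raise ValueError(f"{method}: body must be given only for POST/PATCH")
    # Percent-encode the tenant: in a multi-tenant app it can come from a
    # request and must not be able to change the URL path.
    url = (f"{GRAPH_HOST}/{quote(tenant, safe='')}/{quote(path, safe='/@')}"
           f"?api-version={API_VERSION}")
    headers = {"Authorization": f"Bearer {access_token}",
               "Accept": "application/json"}
    payload = json.dumps(body) if body is not None else None
    if payload is not None:
        headers["Content-Type"] = "application/json"
    return method, url, headers, payload


def group_ids(status, response_text):
    """Group objectIds from a memberOf response; fail closed on any error."""
    if status != 200:
        raise PermissionError(f"Graph call failed with HTTP {status}")
    entries = json.loads(response_text).get("value", [])
    return {e["objectId"] for e in entries if e.get("objectType") == "Group"}


def is_member(status, response_text, required_group_id):
    """Authorize on the object id rather than the editable display name."""
    return required_group_id in group_ids(status, response_text)


# Constructed sample memberOf response (shape assumed, values made up).
SAMPLE = json.dumps({"value": [
    {"objectType": "Group", "displayName": "Finance",
     "objectId": "11111111-aaaa-4bbb-8ccc-000000000001"},
    {"objectType": "Role", "displayName": "Company Administrator",
     "objectId": "22222222-aaaa-4bbb-8ccc-000000000002"},
]})

if __name__ == "__main__":
    print(is_member(200, SAMPLE, "11111111-aaaa-4bbb-8ccc-000000000001"))
```
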
DEMO • Seamless Consent for SaaS Apps
The Application Publishing Flow • Register your app in the Seller Hub: create keys, catalog entries…; paste keys back in the app code • Modify your app to: admit multiple tenants; handle consent messages • Diagram labels: Seller Dashboard, Visual Studio, Windows Azure AD Portal App
DEMO • The SaaS Application Publishing Cycle
Multi-tenancy and Consent Flow • WIF Config • MultitenantTokenHandler Reference • WIF Modules • Consent Module • MultitenantTokenHandler • ServicePrincipal • Fabrikam’s WA AD Tenant • ServicePrincipal • Contoso’s WA AD Tenant • Your SaaS App
Resources • Get your free tenant at http://g.microsoftonline.com/0AX00en/5 • Download the samples and tutorials at https://activedirectory.windowsazure.com/develop/ • Give us feedback at http://social.msdn.microsoft.com/Forums/en-US/WindowsAzureAD/
Thanks! • vittorib@microsoft.com • @vibronet • http://blogs.msdn.com/vbertocci