WAAD THE F**K

Transcript

1. WAAD THE F**K Introducing Windows Azure Active Directory

2. Hi! Robert Muehsig CodeInside.eu @robert0muehsig Web Geek & ASP.NET MVP

   Working @ OneOffixx AG
3. None

4. Uhmm… I might know… The „Windows Azure Active Directory“ Naming

   = Marketing

5. Recap Active Directory - LDAP - User / Machines -

   Old… - Easy to use…

6. Welcome to a new World The Cloud Problem: Authentication &

   Authorization & Identity Data

7. Authentication via SAML / WS-Fed • First „idea“ how to

   work in a connected world • WS-* Family • Claims • XML-based

8. Authentication via SAML / WS-Fed Problem: I need more data?!

   (from other users…)

9. Introducing Windows Azure Active Directory Like Facebook. But for Enterprises.

10. Introducing Windows Azure Active Directory • Single sign-on • Auth

    based on Webstandards (SAML 2.0, WS-Fed, OpenId) • „Graph API“ – REST API • Identity & Access Management • Active Directory Integration via „DirSync“ or ADFS • Used in Office 365

11. Introducing Windows Azure Active Directory IT-Pro & Dev Heaven

12. DEMOS

13. Recap ✓ Sign in with Azure User

14. Recap ✓ Sign in with Azure Users ✓ Read &

    Write Directory Data

15. Recap ✓ Sign in with Azure Users ✓ Read &

    Write Directory Data ✓ WAAD Secured WebApi&Client
16. None

17. Meet the Management Portal

18. None

19. Demo: VS 2013 Wizard Just code…

20. Recap Wizard • WS-Fed • Authentication • Web.config-Magic

21. Demo: Auth with OpenID Connect Just Code…

22. Recap OpenID Connect with Azure AD • Identity Layer on

    top of OAuth 2.0 • Web-Friendly • OWIN based

23. Recap OpenID Connect with Azure AD • Sign-In Code =>

    AccountController.cs app.UseOpenIdConnectAuthentication( new OpenIdConnectAuthenticationOptions { Client_Id = clientId, Authority = authority, Post_Logout_Redirect_Uri = postLogoutRedirectUri });

24. Adding a Console Client Just Code…

25. Recap Adding a Console Client • „Web API“ Service Manifest

    • Each „Client App“ needs an ID and Access Permissions • Another OWIN Middleware • ADAL – Active Directory Authentication Library

26. Recap Adding a Console Client OWIN Magic app.UseWindowsAzureActiveDirectoryBearerAuthent ication( new

    WindowsAzureActiveDirectoryBearerAuthentication Options { Audience = "https://localhost:44301/", Tenant = tenant, AuthenticationType = "OAuth2Bearer", });

27. Recap Adding a Console Client Web API Magic public class

    DemoController : ApiController { [HostAuthentication("OAuth2Bearer")] [Authorize] public string Get() { return ("Hello World @" + DateTime.UtcNow.ToShortTimeString() + " !"); } }

28. Demo: Graph API Just Code…

29. Recap Graph API • Managed API • CRUD • Query

    / Search Features Moar Magic

30. FAST Release Cycle • Very fast development cycle – many

    „previews“ and more features coming.
31. None

32. Resources https://github.com/AzureADSamples/ http://cloudidentity.com