Solution Architecture for Multi-Tenant Application

Yesterday Windows Azure Active Directory became generally available. As part of the launch we provided three tutorials that not only show you how to tackle important scenarios end to end but are also full of useful tricks that can be reused in other contexts. As I did yesterday for Walkthrough #1: Adding Sign-On to Your Web Application Using Windows Azure AD, here I am going to call out (for your and search engines’ benefit) the pieces of reusable guidance you can find in Walkthrough #3: Developing Multi-Tenant Web Applications with Windows Azure AD.

You might wonder: what happened to Walkthrough #2? Well, since I didn’t write it (Ed did) I don’t want to risk misrepresenting its content :-)

Among other things, the tutorial will teach you:

  • How to use the Windows Azure portal to
    • “promote” a single-tenant application to be available to any other Windows Azure AD tenant admin who consents to grant it directory access rights
    • work with the application configuration settings
  • Modify WIF settings to handle authentication requirements action by action, as opposed to the default blanket authentication
    • change config settings, write a custom Account controller for generating sign-in messages programmatically
    • integrate with forms authentication redirect mechanisms
  • Write a custom ValidatingIssuerNameRegistry implementation to hold a list of issuers outside of the web.config
  • Use the Windows Azure AD “tenantless endpoint” to handle sign in flow for multiple tenants at once
  • Write logic for refreshing signature check keys in the out-of-web.config custom ValidatingIssuerNameRegistry store
  • Implement organizational sign-up: Windows Azure AD consent URL generation logic and associated consent response handling
  • Experience just-in-time onboarding

That is quite the list! And yet: if you wrote multi-tenant apps handling identity in the past, I am sure you’ll be pleasantly surprised by how easy Windows Azure AD makes the entire thing :-) Head to the walkthrough and get your hands dirty!


2 Responses to Walkthrough #3: Developing Multi-Tenant Web Applications with Windows Azure AD

  1. […] Walkthrough #3: Developing Multi-Tenant Web Applications with Windows Azure AD – Vittorio Bertocci highlights another Walkthrough which takes you through the use of Windows Azure AD, looking at how you can use the new functionality to support multi-tenancy in your applications […]
