It’s been few years that we’ve been innovating in the area of development libraries for authentication. Thanks to new technologies (e.g. NuGet) and our new approach to development (OSS) in the last couple of years we really picked up our pace, pushing out libraries at unprecedented speed. That is all more power for…
This is a classic Q I get pretty often – it’s time to get a post out and start replying by reference instead of by value The issue at hand is how to fully “sign out” (whatever that means for a native app) a user from a Windows Store client. The actual user…
Ha, I discovered that I kind of like to write short posts so here there’s another one. Azure AD endpoints can be constructed with both domain and tenantID interchangeably, “https://login.windows.net/developertenant.onmicrosoft.com/oauth2/authorize” and “https://login.windows.net/6c3d51dd-f0e5-4959-b4ea-a80c4e36fe5e/oauth2/authorize” are functionally equivalent – however the tenantID has some clear advantages. For example: it is immutable, globally unique and non-reassignable, while…
A typical authentication transaction with Azure AD will open with a generic credential gathering page. As the user enters his/her username, Azure AD figures out from the domain portion of the username if the actual credential gathering should take place elsewhere (for example, if the domain is associated with a federated tenant the…
It’s again preview time for ADAL .NET! I can’t believe we are already working on version 3 – this pace would have been unthinkable just few years back, and yet today it is barely enough to keep up with the new possibilities that the tech landscape offers. Version 1 and 2 have been…
Many web apps are structured as “single page apps”, or SPA: they have a JavaScript-heavy frontend and a Web API backend. Notable examples: Outlook Web App, Gmail. Properly securing SPA’s traffic between its JS frontend and its Web API backend requires an OAuth2 flow, the implicit grant, that Azure AD did not expose……
I can’t believe TechEd Europe is already a mere week away! This year I have just 1 session, but TONS of new stuff to cover… including news we didn’t break yet! 75 mins will be very tight, but I’ll do my best to fit everything in. If you want to put it in…
About one week ago I got a mail from my good friend Brady, who was looking for some clarifications about our Azure AD multitenant web app sample. That piqued my curiosity: Brady doesn’t stay still for one sec and we chat about identity all the time, but multitenancy? As it turns out, he…
This afternoon I was absentmindedly fiddling with one of our fossil plates, when my thoughts went to the upcoming Azure AD dev session I am scheduled to deliver in just few weeks at TechEd Europe. I have a lot of ground to cover: ideally I would like to talk about traditional web apps,…
As you already know, VS2013 introduced a new ASP.NET project creation experience that closely integrates with Azure AD – allowing you to provision an entry for your application right at project creation time, without the need to visit the portal. Projects created through that experience implement their identity functionality with Windows Identity Foundation….