(Azure+O365)
Identity
Kris Wagner MVP + Sean Lawrence
@SharePointKris @SeanmLawrence
Microsoft Azure
Agenda
• Why our cloud
• Authentication 101, getting things done
• How to use Office 365 and Azure on your app
(+ with access control)
A story about two organizations...
Video
A better cloud
From private
or hybrid and IaaS
to full PaaS/SaaS
Azure + o365
• Fully flexible: Private, on premises, hybrid or cloud
• The power of o365: Leverage Office, SharePoint and
Exchange Online as your application building blocks
• Identity is the glue that makes all of that possible
Your identity goes with you
3rd party clouds/hosting
Azure AD
You
How do we make all of that work?
• Enabling modern authentication protocols
• Using great building blocks on your apps
Enabling modern authentication protocols
Modern Authentication Protocols
OAuth 2.0
OAuth 2.0
WS-Fed, SAML 2.0,
OpenID Connect
OAuth 2.0
Web
Application
Browser
WS-Fed
SAML 2.0
OpenID Connect
Modern Authentication Protocols
Web
API
Web
API
Native App
OAuth 2.0
OpenID Connect
OAuth 2.0
OnBehalfOf
Modern Authentication Protocols
Web
APP
Web
API
OAuth 2.0
client_credentials
Modern Authentication Protocols
Claims about the user
Object ID b3809430-6c28-4e43-870d-fa7d38636dcd
Tenant ID 81aabdd2-3682-48fd-9efa-2cb2fcea8557
Security
Display
Subject
Name
First Name
Last Name
frank@contoso.com
Frank
Miller
m70fSk8OdeYYyCYY6C3922lmZMz9JKCGR0P1
• Good news: You don’t need to know these things in detail
• Libraries such as Azure Active Directory Authentication
Library do all the plumbing for you
Authentication libraries
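The claims listed above reach a web API inside a signed JWT, and the checks a validation library performs before the API trusts them are sketched in this added example (not from the original deck): signature, audience, tenant and expiry. It uses the usual Azure AD claim names (`oid`, `tid`, `sub`, `unique_name`, `given_name`, `family_name`); the HS256 demo key, the App ID URI and the token are constructed so it runs offline, whereas Azure AD signs real tokens with RS256.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo values. Azure AD signs real tokens with RS256; HS256 with a
# shared demo key is used here only so the example runs offline.
DEMO_KEY = b"constructed-demo-key"
EXPECTED_AUDIENCE = "https://contoso.com/facilities-service"  # hypothetical App ID URI
ALLOWED_TENANTS = {"81aabdd2-3682-48fd-9efa-2cb2fcea8557"}    # Tenant ID from the slide


class TokenRejected(Exception):
    """Raised when a token fails any check; its claims must not be used."""


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_demo_token(claims, key=DEMO_KEY):
    """Issue a constructed HS256 JWT (stands in for the token Azure AD returns)."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    signature = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{b64url(signature)}"


def validate_token(token, now=None):
    """Return the claims only if signature, audience, tenant and expiry all hold."""
    now = time.time() if now is None else now
    try:
        header_b64, payload_b64, signature_b64 = token.split(".")
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(payload_b64))
        signature = b64url_decode(signature_b64)
    except ValueError as exc:  # wrong segment count, bad base64 or bad JSON
        raise TokenRejected("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise TokenRejected("malformed token")

    # Pin the algorithm: the token must never choose it (e.g. "alg": "none").
    if header.get("alg") != "HS256":
        raise TokenRejected("unexpected signing algorithm")
    expected = hmac.new(DEMO_KEY, f"{header_b64}.{payload_b64}".encode(),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected):
        raise TokenRejected("bad signature")

    # The token must have been issued for this service, not for another app.
    if claims.get("aud") != EXPECTED_AUDIENCE:
        raise TokenRejected("wrong audience")
    # A multi-tenant app still decides which tenants it accepts.
    tid = claims.get("tid")
    if not isinstance(tid, str) or tid not in ALLOWED_TENANTS:
        raise TokenRejected("tenant not allowed")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise TokenRejected("token expired")
    return claims


# Constructed sample built from the values shown on the claims slide.
SAMPLE_CLAIMS = {
    "aud": EXPECTED_AUDIENCE,
    "tid": "81aabdd2-3682-48fd-9efa-2cb2fcea8557",
    "oid": "b3809430-6c28-4e43-870d-fa7d38636dcd",
    "sub": "m70fSk8OdeYYyCYY6C3922lmZMz9JKCGR0P1",
    "unique_name": "frank@contoso.com",
    "given_name": "Frank",
    "family_name": "Miller",
    "exp": 2000000000,
}

if __name__ == "__main__":
    user = validate_token(make_demo_token(SAMPLE_CLAIMS))
    print(user["oid"], user["unique_name"])
```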
Enabling great building blocks
• Provides identity and access management for the cloud
• Users, groups, applications and permissions
Building blocks: Azure Active Directory
• REST API for Azure Active Directory
• Allows programmatic access to users, groups, applications
and permissions
Example: Nick creates a PowerShell script that provisions the
required permissions for his application to an Azure tenant
Building blocks: Graph API
• The best Office productivity tools, available online
• Includes REST APIs you can use from your applications
• Seamless integration with Azure Active Directory
Example: An application can automatically scan e-mails
from Exchange online and generate a Word document with
a summary, saving it on SharePoint online
Building blocks: Office 365
So how do we build it?
For a typical Web Application
Step 1: Visual Studio, file new project
Step 2: Click “Change Authentication”
Step 3: Configure organizational account
What happens then:
Visual Studio configures the application permission
settings for you on Azure Active Directory!
Visual Studio
App
permissions
Azure AD
More complex scenario:
Mobile app -> mobile service -> O365
Nick (the developer) registers two applications:
• A mobile web service
• A mobile client
Step 1: Register your apps on Azure AD
AD needs to know which web service the “MobileServices”
app is actually referring to.
Step 2: Map the AD app to the actual web service
The client app must be allowed to call the web service.
It is also allowed to log on to Azure Active Directory (by default)
Step 3: Set permissions
And the web service is allowed to call SharePoint online and
Graph API
Step 3: Set permissions
Nick can make his app multi tenant, so James from Contoso
Inc. could use it in his organization if the permissions were set
correctly
Step 4 (optional): Making an app multi tenant
Woodgrove Contoso
Step 5: User logs on to the app
A user logs on to the app for the first time. Consent is presented. This is basically saying:
“This is what the app will do, are you ok with it?”
Step 5: User logs on to the app
If the user is the global admin for the Azure tenant, the consent asks if the admin wants to grant permissions for the app across all users of that organization.
admin
Go to app access panel:
http://myapps.microsoft.com/
•Where users see apps they have access to
•Includes apps they’ve consented to
•Users can revoke consented apps
Step 6 (optional): What if I change my mind later?
Implementation details
Let’s dive deeper down the rabbit hole
Active Directory Authentication Library (ADAL)
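using Microsoft.IdentityModel.Clients.ActiveDirectory;

// Values from the application registrations in Azure AD
string clientId = "[Enter client ID as obtained from Azure Portal]";
string authority = "https://login.windows.net/[your tenant name]";
string myURI = "[Enter App ID URI of your service]";
// Ask the tenant's authority for a token this client can present to the service
AuthenticationContext authContext = new AuthenticationContext(authority);
AuthenticationResult result = await authContext.AcquireTokenAsync(myURI, clientId);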
Graph API
• RESTful interface to Azure Active Directory
• Tenant Specific – queries are scoped to individual tenant context
• Programmatic access to directory objects such as Users, Groups,
Contacts, Tenant Information, Roles, Applications and Permissions
• Access relationships: members, memberOf, manager, directReports
• Requests use standard HTTP methods
• GET, POST, PATCH, DELETE to create, read, update, and delete
• Responses support JSON, XML, standard HTTP status codes
• Compatible with OData V3
• OAuth 2.0 Support
• Both Client Credentials and Authorization Code flow
https://graph.windows.net/contoso.com/users?api-version=2013-04-05&$filter=state eq 'WA'
• https://graph.windows.net: Graph URL (static)
• contoso.com: Tenant of interest – can be tenant’s verified domain or objectId
• users: Specific entity type, such as users, groups, contacts, tenantDetails, roles, applications, etc.
• api-version=2013-04-05: API version – “2013-04-05” is the 1.0 version
• $filter=state eq 'WA': Optional OData query arguments: $filter, $top
Graph API
Office 365 REST APIs
• RESTful interface to Office on the cloud
• File APIs for OneDrive for Business
• Mail, Calendar and Contacts APIs on Exchange online
• SharePoint online APIs
Example: GET ../_api/files(<file_path>)/download
Downloads a file stored on SharePoint online / OneDrive for Business
• OAuth 2.0 Support
Demo: Facilities app
Application Model
Consent
Contoso
Azure
AD
Facilities App settings
+
Facilities Web Service settings
(multi tenant)
Azure
AD
Woodgrove
Facilities App settings
+
Facilities Web Service settings
Authentication and Authorization to Graph API
1. Request JWT token (pass input claims)
2. Return token
3. HTTP Request with JWT Token
4. Return Response and Data
Azure Active Directory
Azure AD
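Steps 1 and 3 of the flow above, as an added example (not from the original deck): it builds, without sending, the OAuth 2.0 client_credentials token request and the Graph API query from the URL slide, validating the tenant segment and escaping the `$filter` value so caller-supplied input cannot change the query. The `/oauth2/token` path and the `resource` parameter follow the Azure AD token endpoint of that API generation; the client ID, secret, token and function names are constructed placeholders.

```python
import re
from urllib.parse import quote, urlencode

AUTHORITY = "https://login.windows.net"
GRAPH_URL = "https://graph.windows.net"   # static part of every Graph URL
API_VERSION = "2013-04-05"                # the 1.0 version named on the slide
ENTITY_TYPES = {"users", "groups", "contacts", "tenantDetails", "roles", "applications"}

TENANT_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.-]*")  # verified domain or objectId
PROPERTY_RE = re.compile(r"[A-Za-z][A-Za-z0-9]*")


def check_tenant(tenant):
    """Reject anything that could add path segments to the URL."""
    if not TENANT_RE.fullmatch(tenant):
        raise ValueError("tenant must be a verified domain or objectId")
    return tenant


def token_request(tenant, client_id, client_secret):
    """Step 1: the form POST a service sends for the client_credentials grant."""
    url = f"{AUTHORITY}/{check_tenant(tenant)}/oauth2/token"
    body = urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "resource": GRAPH_URL,  # the API the token is requested for
    })
    return url, body


def odata_string(value):
    """Quote a value as an OData string literal; a single quote is doubled."""
    return "'" + value.replace("'", "''") + "'"


def graph_query_url(tenant, entity, filter_property=None, filter_value=None, top=None):
    """Build https://graph.windows.net/<tenant>/<entity>?api-version=...&$filter=..."""
    if entity not in ENTITY_TYPES:
        raise ValueError("unknown entity type")
    params = [("api-version", API_VERSION)]
    if filter_property is not None:
        if not PROPERTY_RE.fullmatch(filter_property):
            raise ValueError("invalid property name")
        params.append(("$filter", f"{filter_property} eq {odata_string(filter_value)}"))
    if top is not None:
        params.append(("$top", str(int(top))))
    # Keep "$" readable in the option names, percent-encode everything else.
    query = urlencode(params, safe="$", quote_via=quote)
    return f"{GRAPH_URL}/{check_tenant(tenant)}/{entity}?{query}"


def graph_request(tenant, entity, access_token, **query):
    """Step 3: the HTTP request that carries the JWT as a bearer token."""
    headers = {"Authorization": f"Bearer {access_token}", "Accept": "application/json"}
    return "GET", graph_query_url(tenant, entity, **query), headers


if __name__ == "__main__":
    # Constructed placeholder credentials; nothing is sent over the network.
    print(token_request("contoso.com", "constructed-client-id", "constructed-secret"))
    print(graph_request("contoso.com", "users", "constructed-token",
                        filter_property="state", filter_value="WA"))
```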
Application Walkthroughs
https://github.com/AzureADSamples
Some examples:
WebApp-WebAPI-OAuth2-UserIdentity-DotNet
WebApp-WebAPI-OpenIDConnect-DotNet
WebApp-GraphAPI-PHP
WebAPI-Nodejs
NativeClient-Xamarin-iOS
NativeClient-iOS
Labs on Graph API
https://github.com/AzureADSamples?query=Graph
WebApp-GraphAPI-DotNet
WebApp-GraphAPI-PHP
WebApp-GraphAPI-Java
ConsoleApp-GraphAPI-DiffQuery-DotNet
WindowsAzureAD-GraphAPI-Sample-PHP
WindowsAzureAD-GraphAPI-Sample-OrgChart
Microsoft Azure Identity and O365

 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 

Microsoft Azure Identity and O365

  • 1. (Azure+O365) Identity Kris Wagner MVP + Sean Lawerence @SharePointKris @SeanmLawrence Microsoft Azure
  • 2. Agenda • Why our cloud • Authentication 101, getting things done • How to use Office 365 and Azure on your app (+ with access control)
  • 3. A story about two organizations...
  • 5. A better cloud From private or hybrid and IaaS to full PaaS/SaaS
  • 6. Azure + o365 • Fully flexible: Private, on premises, hybrid or cloud • The power of o365: Leverage Office, SharePoint and Exchange Online as your application building blocks • Identity is the glue that makes all of that possible
  • 7. Your identity goes with you 3rd party clouds/hosting Azure AD You
  • 8. How do we make all of that work? • Enabling modern authentication protocols • Using great building blocks on your apps
  • 10. Modern Authentication Protocols OAuth 2.0 OAuth 2.0 WS-Fed, SAML 2.0, OpenID Connect OAuth 2.0
  • 12. Web API Web API Native App OAuth 2.0 OpenID Connect OAuth 2.0 OnBehalfOf Modern Authentication Protocols
  • 14. Claims about the user Object ID b3809430-6c28-4e43-870d-fa7d38636dcd Tenant ID 81aabdd2-3682-48fd-9efa-2cb2fcea8557 Security Display Subject Name First Name Last Name frank@contoso.com Frank Miller m70fSk8OdeYYyCYY6C3922lmZMz9JKCGR0P1
  • 15. • Good news: You don’t need to know these things in detail • Libraries such as Azure Active Directory Authentication Library do all the plumbing for you Authentication libraries
  • 17. • Provides identity and access management for the cloud • Users, groups, applications and permissions Building blocks: Azure Active Directory
  • 18. • REST API for Azure Active Directory • Allows programmatic access to users, groups, applications and permissions Example: Nick creates a PowerShell script that provisions the required permissions for his application to an Azure tenant Building blocks: Graph API
  • 19. • The best Office productivity tools, available online • Includes REST APIs you can use from your applications • Seamless integration with Azure Active Directory Example: An application can automatically scan e-mails from Exchange online and generate a Word document with a summary, saving it on SharePoint online Building blocks: Office 365
  • 20. So how do we build it?
  • 21. For a typical Web Application
  • 22. Step 1: Visual Studio, file new project
  • 23. Step 2: Click “Change Authentication”
  • 24. Step 3: Configure organizational account
  • 25. What happens then: Visual Studio configures the application permission settings for you on Azure Active Directory! Visual Studio App permissions Azure AD
  • 26. More complex scenario: Mobile app -> mobile service -> O365
  • 27. Nick (the developer) registers two applications: • A mobile web service • A mobile client Step 1: Register your apps on Azure AD
  • 28. AD needs to know which web service the “MobileServices” app is actually referring to. Step 2: Map the AD app to the actual web service
  • 29. The client app must be allowed to call the web service. It is also allowed to log on to Azure Active Directory (by default) Step 3: Set permissions
  • 30. And the web service is allowed to call SharePoint online and Graph API Step 3: Set permissions
  • 31. Nick can make his app multi tenant, so James from Contoso Inc. could use it in his organization if the permissions were set correctly Step 4 (optional): Making an app multi tenant Woodgrove Contoso
  • 32. Step 5: User logs on to the app A user logs on to the app for the first time. Consent is presented. This is basically saying: “This is what the app will do, are you ok with it?”
  • 33. Step 5: User logs on to the app If the user is the global admin for the Azure tenant, the consent asks if the admin wants to grant permissions for the app across all users of that organization. admin
  • 34. Go to app access panel: http://myapps.microsoft.com/ •Where users see apps they have access to •Includes apps they’ve consented to •Users can revoke consented apps Step 6 (optional): What if I change my mind later?
  • 35. Implementation details Let’s dive deeper down the rabbit hole
  • 36. Active Directory Authentication Library (ADAL)
        // Values taken from the app registration in Azure AD
        string clientId = "[Enter client ID as obtained from Azure Portal]";
        string authority = "https://login.windows.net/[your tenant name]";
        string myURI = "[Enter App ID URI of your service]";
        // Ask the tenant's authority for a token addressed to the service
        AuthenticationContext authContext = new AuthenticationContext(authority);
        AuthenticationResult result = await authContext.AcquireTokenAsync(myURI, clientId);
  • 37. Graph API • RESTful interface to Azure Active Directory • Tenant Specific – queries are scoped to individual tenant context • Programmatic access to directory objects such as Users, Groups, Contacts, Tenant Information, Roles, Applications and Permissions • Access relationships: members, memberOf, manager, directReports • Requests use standard HTTP methods • GET, POST, PATCH, DELETE to create, read, update, and delete • Responses support JSON, XML, standard HTTP status codes • Compatible with OData V3 • OAuth 2.0 Support • Both Client Credentials and Authorization Code flow
  • 38. Graph API
        https://graph.windows.net/contoso.com/users?api-version=2013-04-05&$filter=state eq 'WA'
        - https://graph.windows.net: Graph URL (static)
        - contoso.com: Tenant of interest – can be tenant’s verified domain or objectId.
        - users: Specific entity type, such as users, groups, contacts, tenantDetails, roles, applications, etc.
        - api-version=2013-04-05: API version – “2013-04-05” is the 1.0 version
        - $filter=state eq 'WA': Optional OData query arguments: $filter, $top
  • 39. Office 365 REST APIs • RESTful interface to Office on the cloud • File APIs for OneDrive for Business • Mail, Calendar and Contacts APIs on Exchange online • SharePoint online APIs Example: GET ../_api/files(<file_path>)/download Downloads a file stored on SharePoint online / OneDrive for Business • OAuth 2.0 Support
  • 41. Application Model Consent Contoso Azure AD Facilities App settings + Facilities Web Service settings (multi tenant) Azure AD Woodgrove Facilities App settings + Facilities Web Service settings
  • 42. Authentication and Authorization to Graph API (diagram labels: Azure Active Directory, Azure AD) 1. Request JWT token (pass input claims) 2. Return token 3. HTTP Request with JWT Token 4. Return Response and Data
  • 44. Labs on Graph API https://github.com/AzureADSamples?query=Graph WebApp-GraphAPI-DotNet WebApp-GraphAPI-PHP WebApp-GraphAPI-Java ConsoleApp-GraphAPI-DiffQuery-DotNet WindowsAzureAD-GraphAPI-Sample-PHP WindowsAzureAD-GraphAPI-Sample-OrgChart
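
The Graph URL anatomy on slide 38, as an added example that is not part of the original deck: each segment is checked against the shape the slide gives it, and the `$filter` value is quoted as an OData string literal so that a quote inside the value cannot end the literal early. The names `build_graph_url` and `odata_string` and the `surname` sample value are constructed for illustration.

```python
import re
from urllib.parse import quote, urlencode

GRAPH_ROOT = "https://graph.windows.net"  # static Graph URL (slide 38)
# Entity types listed on slide 38
ENTITY_TYPES = {"users", "groups", "contacts", "tenantDetails", "roles", "applications"}
GUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")
DOMAIN_RE = re.compile(r"([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}")
API_VERSION_RE = re.compile(r"\d{4}-\d{2}-\d{2}")
PROPERTY_RE = re.compile(r"[A-Za-z][A-Za-z0-9]*")


def odata_string(value):
    """Quote a value as an OData string literal; an embedded ' is doubled."""
    return "'" + value.replace("'", "''") + "'"


def build_graph_url(tenant, entity, api_version, filter_eq=None, top=None):
    """Build a Graph URL, rejecting any segment that does not have its expected shape."""
    # Tenant: verified domain or objectId (GUID), nothing that could add path segments
    if not (GUID_RE.fullmatch(tenant) or DOMAIN_RE.fullmatch(tenant)):
        raise ValueError("tenant must be a verified domain or an objectId GUID")
    if entity not in ENTITY_TYPES:
        raise ValueError("unknown entity type")
    if not API_VERSION_RE.fullmatch(api_version):
        raise ValueError("api-version must look like YYYY-MM-DD")
    params = [("api-version", api_version)]
    if filter_eq is not None:
        prop, value = filter_eq
        if not PROPERTY_RE.fullmatch(prop):
            raise ValueError("filter property must be a plain identifier")
        # The value is data only: it is quoted here and percent-encoded below
        params.append(("$filter", f"{prop} eq {odata_string(value)}"))
    if top is not None:
        if type(top) is not int or top < 1:
            raise ValueError("$top must be a positive integer")
        params.append(("$top", str(top)))
    # Keep the leading $ of OData options readable; encode everything else
    query = urlencode(params, quote_via=quote, safe="$")
    return f"{GRAPH_ROOT}/{tenant}/{entity}?{query}"


if __name__ == "__main__":
    print(build_graph_url("contoso.com", "users", "2013-04-05", ("state", "WA")))
    print(build_graph_url("contoso.com", "users", "2013-04-05", ("surname", "O'Brien"), top=5))
```
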

Editor's notes

  1. Speaker note: Azure with Office 365 working together with the power of identity and access control
  2. Speaker note: The goal is not doing a deep dive on authentication protocols but present options and a high level view of what to use when
  3. https://github.com/Azure-Readiness/MicrosoftAzureTrainingKit/tree/master/Demos/Demo-MobileServices