
1 4/18/2018 1:15 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Azure Active Directory v2 Endpoint and MSAL - What's New
Microsoft Build 2017, session P4031
Stuart Kwan, Principal Program Manager, @stuartkwan

3 In This Presentation
- Cloud based identity services
- Azure AD v1 and v2 endpoints
- Demo: Azure AD v2 endpoint and MSAL
- What’s coming next for v2 endpoint
When I mention v2 dev guide:

4 Cloud Based Identity Services
[Diagram labels: ?, Client, Service (cloud); Client, Service, Active Directory (on-premises)]

5 Cloud Based Identity Services
Benefits of Azure AD:
- SSO with AD, Office 365, Outlook.com, and more
- Enhanced control with Conditional Access
- Enhanced security with Identity Protection
- Use SDK of your choice supporting OAuth 2.0 or OpenID Connect standards
- More than just sign-in – access Microsoft Graph
- Used by Microsoft cloud services – high scale, performance, availability
[Diagram labels: Azure AD, Client, Service (cloud); Client, Service, Active Directory (on-premises)]

6 What is the Azure AD v2 Endpoint?
- Sign in Azure AD work & school accounts plus Microsoft personal accounts
- Interop and feature improvements (including breaking changes)
- New client library family: Microsoft Authentication Library (MSAL)
[Diagram labels: Microsoft account v1, v2, Azure AD v1, AD]

7 Key Improvements v1 versus v2
- scope instead of resource parameter for interop
  v1: resource=
  v2: scope=
- Dynamic instead of static consent for incremental consent
- id_token claims updated to OpenID Connect standard
- Single app registration to represent native, web app combo
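
The scope-versus-resource and incremental-consent points above, as an added example that is not from the original slides: it builds a v1 and a v2 authorization request and works out which scopes still need consent. The slide leaves the resource= and scope= values blank, so the endpoint paths, client ID, redirect URI and Graph scope names used here are assumed sample values.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed sample values for illustration (not taken from the slides).
AUTHORITY = "https://login.microsoftonline.com/common"
CLIENT_ID = "00000000-0000-0000-0000-000000000000"   # placeholder application ID
REDIRECT_URI = "https://localhost:5000/callback"     # placeholder redirect URI
GRAPH = "https://graph.microsoft.com"

def _common_params():
    # state is a per-request random value the app compares on the redirect back
    return {"client_id": CLIENT_ID, "response_type": "code",
            "redirect_uri": REDIRECT_URI, "state": secrets.token_urlsafe(16)}

def v1_authorize_url(resource):
    """v1: name one target resource; permissions were declared at registration."""
    params = dict(_common_params(), resource=resource)
    return f"{AUTHORITY}/oauth2/authorize?{urlencode(params)}"

def v2_authorize_url(scopes):
    """v2: name the individual permissions (scopes) wanted in this request."""
    params = dict(_common_params(), scope=" ".join(scopes))
    return f"{AUTHORITY}/oauth2/v2.0/authorize?{urlencode(params)}"

def scopes_to_request(granted, needed):
    """Incremental consent: ask only for scopes the user has not granted yet."""
    have = set(granted)
    return [s for s in needed if s not in have]

def parse_authorize_url(url):
    """Return (path, {param: value}) so a request can be inspected or logged."""
    parts = urlsplit(url)
    return parts.path, {k: v[0] for k, v in parse_qs(parts.query).items()}

if __name__ == "__main__":
    sign_in = ["openid", "profile", f"{GRAPH}/User.Read"]
    print(v1_authorize_url(GRAPH))
    print(v2_authorize_url(sign_in))
    # Later, a mail feature needs one more permission: request only the delta.
    mail = scopes_to_request(sign_in, [f"{GRAPH}/User.Read", f"{GRAPH}/Mail.Read"])
    print(v2_authorize_url(mail))
```

Requesting only the missing scope at the point a feature needs it keeps the initial consent prompt, and the resulting token, limited to what sign-in requires.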

8 Demo: Azure AD v2 endpoint and MSAL

9 MSAL Preview
- Previews available: .NET/Xamarin, iOS, Android, JavaScript
- Supported for use in production
- See for downloads, samples, and more
Key enhancements from ADAL
- From AuthenticationContext() to XxxClientApplication()
- Default redirect URI for native clients
- First class representation of User
- AcquireTokenAsync() always interactive
- System web view facilitates SSO between native apps and web apps

10 What is Coming Next in v2 (as of April 2017)
Table columns: Feature; v1 Endpoint (Azure AD only); v2 Endpoint (Azure AD + MSA). Status markers (GA, Soon, Later, N/A) are shown where they appear in the transcript.
- OpenID Connect 1.0 GA
- OAuth 2.0: authorization code grant – used by native and web apps
- OAuth 2.0: client credentials grant (secret or certificate) – used by daemon apps
- OAuth 2.0: implicit grant – used by single page apps
- OAuth 2.0: On Behalf Of exchange – used by web APIs calling other web APIs
- Admin consent and admin-only scopes
- Conditional Access including device health rules
- Register scopes for your own web API Soon
- Get access tokens to Azure AD-only scopes e.g. Azure ARM
- Group claims, role claims, claim Later
- Sovereign cloud endpoints
- OAuth 2.0: device profile – used with limited UI devices
- Preserve user session state from ADAL to MSAL N/A
- Update Azure AD-only app registration to Azure AD+MSA

11 Scenario Details For Identity Geeks
[Diagram labels: client, resource; apps that support Azure AD+MSA (managed via App Reg Portal, v2; apps that support Azure AD-only (managed via Azure Portal); MSAL, ADAL; C1, C2; R1, MS Graph, R2; v1; status markers GA and soon]

12 When to Use v1 Versus v2 At time of this recording (April 2017)
- If you need to sign in both Azure AD and MS accounts, use v2 and MSAL
- Otherwise, use v1 and ADAL
  - Including if you are already using v1 and ADAL
- If you find yourself putting ADAL and MSAL into the same application, pause, find us on Stack Overflow (tag: MSAL)
- Watch Azure AD dev guide for updates:

13 https://azure.microsoft.com/develop/identity
Next Steps
- Dev guides
- Samples
- How to get help on Stack Overflow
Also Vittorio Bertocci’s Build session: B8084: The keys to the cloud: Use Microsoft identities to sign in and access API from your mobile and web apps
