Build 2015 4/17/2017 12:42 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE.

1 Build 2015 4/17/2017 12:42 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Single Sign On with Secure Authentication
2-709 Single Sign On with Secure Authentication
Karanbir Singh, Senior PM, Operating Systems Security
© 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

3 Agenda
Identity Investments in Windows 10
New authentication infrastructure
How you can participate!
Q&A

4 Mobility and the cloud is the new normal
66% of employees use personal devices for work purposes.*
25% of all software will be available on a SaaS delivery by 2020.**
33% of employees that typically work on employer premises, also frequently work away from their desks.***
*CEB The Future of Corporate ITL:
**Forrester Application Adoption Trends: The Rise Of SaaS
***CEB IT Impact Report: Five Key Findings on Driving Employee Productivity Q

5 Mobility and the cloud is the new normal

8 Windows 10 connects to personal and work clouds.

11 Who owns this PC? Screen painted by Membership team
This choice is important, and it isn’t easy to switch later. If this machine belongs to your organization, signing in with that ID will give you access to their resources.
This device belongs to my organization
This device belongs to me
Help me choose
Next Back Next

12 Let’s get you signed in AAD sign in page – starting state
Work or school account
Password
Forgot your password?
Which account should I use? Sign in with the username and password you use with Office 365 (or other business services from Microsoft).
Skip this step Privacy statement Back Sign in

13 Let’s get you signed in
Work or school account ••••••••
Password ••••••••
Forgot your password?
Need help? Contact the Contoso Help Desk at (206)
This service is operated by Microsoft on behalf of Contoso and is for the exclusive use of their employees and partners.
Skip this step Privacy statement Back Sign in

14 3-654: Managing Mobile Devices and Applications in an Enterprise

15 Windows 10 connects to personal and work clouds.

16 Windows 10 takes a bold step forward…
Windows connects with AD and AAD too!
Log on to Windows with work accounts
Access apps & resources in either environment
Device and app state roams
Install apps from the Business Store Portal
Devices are automatically enrolled in MDM
IT can use Conditional Access

17 Identity is a means to an end, not the end.

18 Your scenarios and experiences are the end.

19 Challenges
No native support for AAD auth in Windows
Competing development models
Limited 3rd party integration support
Leads to poor end-user experience

20 Web Account Manager

21 Web Account Manager
Components: App, Web Account Manager, Web Account Provider (Microsoft Web Account Provider), Identity/Service Provider
1. RequestTokenAsync
2. Token request
3. Authenticate
4. Token
5. Request result
6. RequestResult
7. Access resources

22 Web Account Manager APIs
RequestTokenAsync
GetTokenSilentlyAsync
SignOutAsync

23 Output WebTokenRequestResult WebAccount Results
WebTokenRequestResult
WebTokenResponse, i.e. Token and WebAccount
Status, e.g. success, user cancelled, provider not available, provider specific errors, etc.
WebAccount
Object that represents a web account specific to an IDP
ID, WebAccountProvider, User Name, State, Properties, etc.
Can be used as a hint for subsequent token requests
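
The app-side flow from the Web Account Manager APIs and Output slides, written out as an added example that is not code from the presentation: try GetTokenSilentlyAsync first, fall back to RequestTokenAsync only when the provider reports that interaction is required, and keep the returned WebAccount ID as the hint for later requests. The provider ID, authority, scope, client ID and the AccountKey settings key are assumptions or placeholders.

```csharp
using System.Diagnostics;
using System.Threading.Tasks;
using Windows.Security.Authentication.Web.Core;
using Windows.Security.Credentials;
using Windows.Storage;

public static class TokenBroker
{
    // Assumed values, not from the slides; replace with your provider's settings.
    const string ProviderId = "https://login.microsoft.com";
    const string Authority = "organizations";
    const string Scope = "<scope-placeholder>";
    const string ClientId = "<client-id-placeholder>";
    const string AccountKey = "WebAccountId"; // hypothetical local-settings key

    // Returns a token, or null when the user cancels or the provider fails.
    // Call from the UI thread: RequestTokenAsync may show the provider's UI.
    public static async Task<string> GetTokenAsync()
    {
        WebAccountProvider provider =
            await WebAuthenticationCoreManager.FindAccountProviderAsync(ProviderId, Authority);
        if (provider == null) return null;
        var request = new WebTokenRequest(provider, Scope, ClientId);
        var settings = ApplicationData.Current.LocalSettings.Values;

        // Reuse the WebAccount from an earlier result as the hint, if still present.
        WebAccount account = null;
        if (settings.TryGetValue(AccountKey, out object id))
            account = await WebAuthenticationCoreManager.FindAccountAsync(provider, (string)id);

        // Silent attempt first; prompt only when the provider asks for interaction.
        WebTokenRequestResult result = account != null
            ? await WebAuthenticationCoreManager.GetTokenSilentlyAsync(request, account)
            : await WebAuthenticationCoreManager.GetTokenSilentlyAsync(request);
        if (result.ResponseStatus == WebTokenRequestStatus.UserInteractionRequired)
            result = account != null
                ? await WebAuthenticationCoreManager.RequestTokenAsync(request, account)
                : await WebAuthenticationCoreManager.RequestTokenAsync(request);

        if (result.ResponseStatus == WebTokenRequestStatus.Success)
        {
            WebTokenResponse response = result.ResponseData[0];
            settings[AccountKey] = response.WebAccount.Id; // persist the ID, never the token
            return response.Token;
        }
        if (result.ResponseStatus != WebTokenRequestStatus.UserCancel) // log codes only
            Debug.WriteLine($"Token request failed: {result.ResponseStatus} {result.ResponseError?.ErrorCode}");
        return null;
    }
}
```

Only the account ID is written to local settings; the token stays in memory and is requested again through the silent path when needed.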

25 Web Account Manager vs ADAL*
If your app targets Windows 10, use Web Account Manager
If your app targets other versions or platforms, use ADAL
Existing apps built using ADAL will continue to work
*ADAL = Active Directory Authentication Library
3-767: Building Universal Windows Apps with Office 365 APIs
2-769: Develop Modern Native Application with Azure Active Directory

26 Web Account Manager is extensible.

27 Web Account Manager
Components: App, Browser, Web Account Manager, Contoso Web Account Provider (your custom Web Account Provider!), your custom Identity/Service Provider
1. RequestTokenAsync
2. Token request
3. Authenticate
4. Token
5. Request result
6. RequestResult
Browser SSO

28 Web Account Provider – Why?
You are already an Identity Provider
You provide services to a suite of apps and websites
Off-the-shelf providers do not meet your custom needs

29 Writing a Web Account Provider
Register as a WebAccountProvider
Handle Activation Kinds
Manage account lifecycle
3-765: App-to-App Communication: Building a Web of Apps
2-639: Microsoft Passport and Windows Hello: Moving Beyond Passwords and Credential Theft

30 Web Account Manager
Native support for AAD auth in Windows
One consistent way of authentication
Rich 3rd party integration support
Together, let's deliver a great end-user experience!

31 Q&A

32 Resources
Web Account Manager App APIs
WebAccountProvider APIs
SDK samples
Other relevant sessions
3-767: Building Universal Windows Apps with Office 365 APIs
2-769: Develop Modern Native Application with Azure Active Directory
2-639: Microsoft Passport and Windows Hello
3-765: App-to-App Communication: Building a Web of Apps
3-654: Managing Mobile Devices and Applications in an Enterprise

34 Appendix

35 Register as a WebAccountProvider
Update your app’s manifest

<uap:Extension Category="windows.webAccountProvider">
  <!-- Url defines the Plugin ID. -->
  <!-- BackgroundEntryPoint defines the Plugin's interface for the background. -->
  <uap:WebAccountProvider Url="…" BackgroundEntryPoint="WebAccountProvider.BackgroundHandler"/>
</uap:Extension>

36 Handle Activation Kinds (with UI)

void OnWebAccountProvider(WebAccountProviderActivatedEventArgs args)
{
    // Get the base operation from the activated event args
    IWebAccountProviderOperation baseOperation = args.Operation;

    // Depending on the kind of the base operation, cast the base operation
    // to the specific operation and handle it in the specific root frame.
    // Each case has its own block so that "operation" can be declared per case.
    switch (baseOperation.Kind)
    {
        case WebAccountProviderOperationKind.RequestToken:
        {
            var operation = baseOperation as WebAccountProviderRequestTokenOperation;
            rootFrame.Navigate(typeof(RequestTokenPage), operation);
            break;
        }
        case WebAccountProviderOperationKind.AddAccount:
        {
            var operation = baseOperation as WebAccountProviderAddAccountOperation;
            rootFrame.Navigate(typeof(AddAccountPage), operation);
            break;
        }
        case WebAccountProviderOperationKind.ManageAccount:
        {
            var operation = baseOperation as WebAccountProviderManageAccountOperation;
            rootFrame.Navigate(typeof(ManageAccountPage), operation);
            break;
        }
        default:
            base.OnActivated(args);
            break;
    }
}

37 Handle Activation Kinds (No UI)

// Background operations: no page navigation, the handlers run without UI.
switch (baseOperation.Kind)
{
    case WebAccountProviderOperationKind.GetTokenSilently:
    {
        var operation = baseOperation as WebAccountProviderGetTokenSilentOperation;
        HandleGetTokenSilently(operation);
        break;
    }
    case WebAccountProviderOperationKind.RetrieveCookies:
    {
        var operation = baseOperation as WebAccountProviderRetrieveCookiesOperation;
        HandleRetrieveCookies(operation);
        break;
    }
    default:
        // This is an Error
        break;
}

38 Manage account lifecycle
AddWebAccountAsync: to add a Web Account to the system
UpdateWebAccountPropertiesAsync: to update a Web Account
DeleteWebAccountAsync: to delete a Web Account from the system
FindAllProviderWebAccountsAsync: to find all Web Accounts you added to the system

