book

Azure Active Directory for Secure Application Development

Name: Azure Active Directory for Secure Application Development
Author: Sjoukje Zaal
ISBN: 9781838646509

by Sjoukje Zaal

May 2022

Intermediate to advanced

268 pages

5h 24m

English

Packt Publishing

Read now

Unlock full access

Azure Active Directory for Secure Application Development
ContributorsAbout the authorAbout the reviewers
Preface
What this book coversTo get the most out of this bookDownload the color imagesDownload the example code filesConventions usedGet in touchShare Your Thoughts
Part 1: Getting Started with the Microsoft Identity Platform
Chapter 1: Microsoft Identity Platform Overview
Learning about the Microsoft identity platformUnderstanding the evolution of the Microsoft identity platformIntroducing Azure ADIntroducing Azure AD B2BIntroducing Azure AD B2CSetting up an Azure AD tenantAdding a user to Azure ADCleaning up the resourcesSummaryFurther reading
Chapter 2: Azure AD Application Model
Technical requirementsIntroducing the Azure AD application modelLearning about application and service principal objects in Azure ADApplication objectService principal objectRegistering an application with the Microsoft identity platformRegistering an application using the Azure portalSetting redirect URIsConfiguring the redirect URIUnderstanding permissions and consentScopes and permissionsPermission typesConfiguring permissions in the Azure portalUnderstanding certificates and secretsConfiguring an app secret in the Azure portalRestricting your Azure AD app to a set of usersUpdating the app to require user assignmentAssigning the app to users and groupsRegistering an application using PowerShell and the CLIRegistering an application using PowerShellRegistering an application using the CLISummaryFurther reading
Chapter 3: Application Types and User Consent
Technical requirementsPublic client and confidential client applicationsConfidential client applicationsPublic client applicationsUnderstanding the authorization code flowAuthorization code flow Understanding the different application typesSingle-page applicationsWeb apps and web APIsDesktop appsDeamon appsMobile appsBuilding a web app that authenticates users using Azure ADConfiguring redirect URIs and setting the right permissionsBuilding the applicationUnderstanding the Azure AD application consent experienceUnderstanding how end users consent to applicationsConfiguring how end users consent to applicationsPublisher verificationSummaryFurther reading
Part 2: Authentication and Protocols
Chapter 4: The Basics and Evolution of Authentication
Evolution of identity protocolsAuthentication versus authorizationAuthenticationAuthorizationAuthentication and authorization using the Microsoft identity platformPre-claims authentication techniquesPassword-based authenticationIntegrated authenticationClaims-based identityWhat are claims?How claims-based identity worksBenefits of claims-based identityFirst-generation protocolsSingle sign-onCookiesSAMLWS-FederationModern protocolsOAuthSummaryFurther reading
Chapter 5: Securing Applications with OAuth 2.0, OpenID Connect, and MSAL
Technical requirementsThe OAuth 2.0 framework and its specificationsRolesThe OAuth 2.0 abstract flowTokensThe OpenID Connect protocol and its specificationsThe OAuth 2.0 and OpenID Connect flowsOpenID Connect using the implicit flowThe authorization code flowThe OBO flowThe client credentials flowThe ROPC flowThe device code flowAn overview of the Microsoft Identity Web authentication libraryAn overview of MSALSecuring your application using OAuth 2.0, OpenID Connect, and MSALRegistering the application with your Azure AD tenantBuilding the applicationSummaryFurther reading
Chapter 6:Building Secure Services Using the Microsoft Graph API
Technical requirementsAn overview of Microsoft GraphAccessing data and methodsThe Microsoft Graph API metadataRequesting data using Graph ExplorerQueries, batching, throttling, and pagingQueriesBatchingThrottling The Microsoft Graph SDKBuilding a web application that uses the Microsoft Graph APISummaryFurther reading

Part 3: Azure AD B2C
Chapter 7: Introducing Azure Active Directory B2C
Technical requirementsIntroducing Azure AD B2CCreating an Azure AD B2C tenant and adding a userRegistering an application in Azure AD B2CEnabling the ID token implicit grantUnderstanding user flows Creating sign-up and sign-in flowsTesting the sign-up and sign-in flowsSetting up the custom web applicationSummaryFurther reading
Chapter 8: Advanced Features of Azure AD B2C
Technical requirementsIdentity providers in Azure AD B2CConfiguring the identity provider in Azure AD B2CAdding the LinkedIn identity provider to the user flowCustomizing the UILocalization and language customizationAzure AD B2C and Microsoft GraphCustom domains for Azure AD B2CSummaryFurther reading
Chapter 9: Azure AD B2C Custom Policies
Technical requirementsUnderstanding custom policiesIntroducing the Identity Experience FrameworkCreating a custom policyCreating the signing and encryption keyRegistering the Identity Experience Framework applicationsCreating the Azure storage accountCreating the Azure functionCreating the custom policyDeploying the custom policyTesting the custom policySummaryFurther reading
Why subscribe?
Other Books You May EnjoyPackt is searching for authors like youShare Your Thoughts

Content preview from Azure Active Directory for Secure Application Development

Chapter 4: The Basics and Evolution of Authentication

In the previous chapter, we covered the different application types that can use Azure AD for authentication and looked at user consent. We covered public client and confidential client applications, how application sign-in flows work and the different application types, such as web apps and APIs, deamon apps, and more. Next, we built a web app that authenticates users using Azure AD. Finally, we covered how users consent to applications and looked at publisher verification.

In this chapter, we are going to take a step back and look at the basics and evolution of authentication. This chapter will not contain code samples; instead, it will look at how authentication has evolved into the modern ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Azure Active Directory Connect: Deploying Hybrid Identity in the Cloud

Publisher Resources

ISBN: 9781838646509

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Azure Active Directory for Secure Application Development

by Sjoukje Zaal

Chapter 4: The Basics and Evolution of Authentication

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.