Microsoft's Azure Active Directory: A new paradigm for Authentication

Looked at some introductory videos for Azure Active Directory ("AAD") Developers. Wow!

MS is reinventing itself with a whole new paradigm for AuthN / IDaaS out in the cloud.

Wrote a quick report summarizing video content. You can find it here.

TL;DR summary:

  • AAD and AD become a single logical entity. On-premise AD driven from cloud-based AAD.
  • Strategic AuthN protocols are:
    • OpenID Connect (MS extension of OpenID)
    • OAuth
    • WS-Federation / SAML are *not* strategic. Neither is Windows Identity Foundation.
  • Apps (public or corporate) must be registered to AAD. After that federation is easy.
  • ADAL is MS multi-platform open-source SDK to do AuthN, also Xamarin, Apache Cordova
  • Win10 will have new AuthN flows integrated at OS level: “WebAccountManager” API
  • Whole effort is serious MS “catch-up”; work in progress, rough around edges, incomplete at times
    • Eg.Kludgy support of single-page web apps with Javascript calling multiple background Web APIs.
  • Major MS paradigm shift / change in fundamental architectural direction.

1 comment:

best essay writer site said...

Even there are many advancements in dealing with cyber security but the threats are also increasing and i believe there is a time to look into further possibilities for securities