Book Image

Azure Active Directory for Secure Application Development

By : Sjoukje Zaal
Book Image

Azure Active Directory for Secure Application Development

By: Sjoukje Zaal

Overview of this book

Azure Active Directory for Secure Application Development is your one-stop shop for learning how to develop secure applications using modern authentication techniques with Microsoft Azure AD. Whether you’re working with single-tenant, multi-tenant, or line-of-business applications, this book contains everything you need to secure them. The book wastes no time in diving into the practicalities of Azure AD. Right from the start, you’ll be setting up tenants, adding users, and registering your first application in Azure AD. The balance between grasping and applying theory is maintained as you move from the intermediate to the advanced: from the basics of OAuth to getting your hands dirty with building applications and registering them in Azure AD. Want to pin down the Microsoft Graph, Azure AD B2C, or authentication protocol best practices? We’ve got you covered. The full range of Azure AD functionality from a developer perspective is here for you to explore with confidence. By the end of this secure app development book, you’ll have developed the skill set that so many organizations are clamoring for. Security is mission-critical, and after reading this book, you will be too.
Table of Contents (14 chapters)
Part 1: Getting Started with the Microsoft Identity Platform
Part 2: Authentication and Protocols
Part 3: Azure AD B2C

Understanding user flows

With user flows and policies in Azure AD B2C, developers and administrators can set up complete user identity experiences. The business logic that users follow during these experiences can be configured in the Azure AD B2C tenant, directly from the Azure portal. When setting up a user flow, you can configure exactly which steps users will follow when users are signing up, signing in, resetting their password, and editing their profile in your custom application. When the experience is completed, the user will authenticate, and the app can acquire a token that gives the user access to your application.

Azure AD B2C offers two different ways to provide user experiences. The first is by using out-of-the-box user flows, which we are going to cover in this section. The other way is by creating custom policies. If you have requirements that are not provided by the built-in user flows, you can choose to build a custom policy. These are XML files that can be uploaded...