Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Azure Active Directory for Secure Application Development
  • Table Of Contents Toc
Azure Active Directory for Secure Application Development

Azure Active Directory for Secure Application Development

By : Sjoukje Zaal
3.8 (6)
Buy this Book
close
close
Azure Active Directory for Secure Application Development

Azure Active Directory for Secure Application Development

3.8 (6)
By: Sjoukje Zaal
Buy this Book

Overview of this book

Azure Active Directory for Secure Application Development is your one-stop shop for learning how to develop secure applications using modern authentication techniques with Microsoft Azure AD. Whether you’re working with single-tenant, multi-tenant, or line-of-business applications, this book contains everything you need to secure them. The book wastes no time in diving into the practicalities of Azure AD. Right from the start, you’ll be setting up tenants, adding users, and registering your first application in Azure AD. The balance between grasping and applying theory is maintained as you move from the intermediate to the advanced: from the basics of OAuth to getting your hands dirty with building applications and registering them in Azure AD. Want to pin down the Microsoft Graph, Azure AD B2C, or authentication protocol best practices? We’ve got you covered. The full range of Azure AD functionality from a developer perspective is here for you to explore with confidence. By the end of this secure app development book, you’ll have developed the skill set that so many organizations are clamoring for. Security is mission-critical, and after reading this book, you will be too.
Table of Contents (14 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
To get the most out of this book
Icon
Download the color images
Icon
Download the example code files
Icon
Conventions used
Icon
Get in touch
Icon
Share Your Thoughts
1
Part 1: Getting Started with the Microsoft Identity Platform
Icon
Part 1: Getting Started with the Microsoft Identity Platform
Lock Free Chapter
2
Chapter 1: Microsoft Identity Platform Overview
chevron up
Icon
Chapter 1: Microsoft Identity Platform Overview
Icon
Learning about the Microsoft identity platform
Icon
Understanding the evolution of the Microsoft identity platform
Icon
Introducing Azure AD
Icon
Introducing Azure AD B2B
Icon
Introducing Azure AD B2C
Icon
Setting up an Azure AD tenant
Icon
Adding a user to Azure AD
Icon
Cleaning up the resources
Icon
Summary
Icon
Further reading
3
Chapter 2: Azure AD Application Model
Icon
Chapter 2: Azure AD Application Model
Icon
Technical requirements
Icon
Introducing the Azure AD application model
Icon
Learning about application and service principal objects in Azure AD
Icon
Registering an application with the Microsoft identity platform
Icon
Setting redirect URIs
Icon
Understanding permissions and consent
Icon
Understanding certificates and secrets
Icon
Restricting your Azure AD app to a set of users
Icon
Registering an application using PowerShell and the CLI
Icon
Summary
Icon
Further reading
4
Chapter 3: Application Types and User Consent
Icon
Chapter 3: Application Types and User Consent
Icon
Technical requirements
Icon
Public client and confidential client applications
Icon
Understanding the authorization code flow
Icon
Understanding the different application types
Icon
Building a web app that authenticates users using Azure AD
Icon
Understanding the Azure AD application consent experience
Icon
Understanding how end users consent to applications
Icon
Publisher verification
Icon
Summary
Icon
Further reading
5
Part 2: Authentication and Protocols
Icon
Part 2: Authentication and Protocols
6
Chapter 4: The Basics and Evolution of Authentication
Icon
Chapter 4: The Basics and Evolution of Authentication
Icon
Evolution of identity protocols
Icon
Authentication versus authorization
Icon
Pre-claims authentication techniques
Icon
Claims-based identity
Icon
First-generation protocols
Icon
Modern protocols
Icon
Summary
Icon
Further reading
7
Chapter 5: Securing Applications with OAuth 2.0, OpenID Connect, and MSAL
Icon
Chapter 5: Securing Applications with OAuth 2.0, OpenID Connect, and MSAL
Icon
Technical requirements
Icon
The OAuth 2.0 framework and its specifications
Icon
The OpenID Connect protocol and its specifications
Icon
The OAuth 2.0 and OpenID Connect flows
Icon
An overview of the Microsoft Identity Web authentication library
Icon
An overview of MSAL
Icon
Securing your application using OAuth 2.0, OpenID Connect, and MSAL
Icon
Summary
Icon
Further reading
8
Chapter 6:Building Secure Services Using the Microsoft Graph API
Icon
Chapter 6:Building Secure Services Using the Microsoft Graph API
Icon
Technical requirements
Icon
An overview of Microsoft Graph
Icon
Accessing data and methods
Icon
Queries, batching, throttling, and paging
Icon
The Microsoft Graph SDK
Icon
Building a web application that uses the Microsoft Graph API
Icon
Summary
Icon
Further reading
9
Part 3: Azure AD B2C
Icon
Part 3: Azure AD B2C
10
Chapter 7: Introducing Azure Active Directory B2C
Icon
Chapter 7: Introducing Azure Active Directory B2C
Icon
Technical requirements
Icon
Introducing Azure AD B2C
Icon
Creating an Azure AD B2C tenant and adding a user
Icon
Registering an application in Azure AD B2C
Icon
Understanding user flows
Icon
Setting up the custom web application
Icon
Summary
Icon
Further reading
11
Chapter 8: Advanced Features of Azure AD B2C
Icon
Chapter 8: Advanced Features of Azure AD B2C
Icon
Technical requirements
Icon
Identity providers in Azure AD B2C
Icon
Customizing the UI
Icon
Localization and language customization
Icon
Azure AD B2C and Microsoft Graph
Icon
Custom domains for Azure AD B2C
Icon
Summary
Icon
Further reading
12
Chapter 9: Azure AD B2C Custom Policies
Icon
Chapter 9: Azure AD B2C Custom Policies
Icon
Technical requirements
Icon
Understanding custom policies
Icon
Introducing the Identity Experience Framework
Icon
Creating a custom policy
Icon
Summary
Icon
Further reading
Icon
Why subscribe?
13
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Packt is searching for authors like you
Icon
Share Your Thoughts

Introducing Azure AD

Azure AD provides a cloud-based enterprise directory and identity management service. It offers features to give users seamless access to all types of resources, internal and external. For instance, it enables the traditional method of user authentication through a username and password, along with the management of roles and permissions to give users access to a variety of resources and products, such as the Azure portal, applications inside of the corporate network, and also Software as a Service (SaaS) applications and Office 365.

It offers traditional username and password management as well as roles and permissions management. On top of that, it offers more enterprise-grade features, such as multi-factor authentication (MFA), and SSO for your applications. It also offers different monitoring and alerting capabilities out of the box.

Azure AD offers different pricing plans, all coming with different types of features and capabilities:

  • Free: You can gain access to the most basic features by choosing this plan. This consists of support for approximately 500,000 identity objects, seamless SSO, device registration, Azure AD Join, user and group management, external identities with Azure AD B2B, Pass-Through Authentication (PTA), self-service password change, groups, and standard security reports.
  • Office 365 apps: This offers no object limit, has an Service-level Agreement (SLA) for 99.9% uptime, self-service password reset for cloud users, company branding features, and device write-back (a two-way sync for device objects between on-premises directories and Azure).
  • Premium P1: This offers advanced reporting, MFA and Conditional Access, Advanced Group Access Management, support for the application proxy, which can be used to provides secure remote access to on-premises web applications, Azure Information Protection (AIP) integration, Microsoft Cloud App Discovery, Azure AD Join, MDM auto-enrollment, and local admin policy customization.
  • Premium P2: This offers identity protection, Privileged Identity Management (PIM), access reviews, and entitlement management.

    Important Note

    For a detailed overview of all the different features for each pricing plan, you can refer to the following site: https://azure.microsoft.com/en-us/pricing/details/active-directory/.

Azure AD is also used to manage user identities in Microsoft 365. Microsoft 365 is a collection of different services, such as Windows 10, Office 365, and Enterprise Mobility. By default, your Microsoft 365 subscription comes with the free plan of Azure AD, but you can also purchase different plans to get more features.

For developers, Azure AD is primarily used for issuing tokens that enable users to sign in to applications. Before these tokens can be issued, applications need to be registered inside Azure AD, permissions need to be set, and users need to be added that can access the applications or have access to Microsoft 365 data. This is mainly done by IT administrators, but it is also important for developers to know how to put this in place. Developers can also make use of the enterprise-grade security features in Azure AD, such as Conditional Access policies and SSO, for example.

Next to the fact that an Azure AD tenant is created together with your sign-up for an Azure, Microsoft 365, Office 365, or Intune account, you can also create an Azure AD tenant manually. An Azure AD tenant is basically a representation of an organization. You create a dedicated instance of Azure AD bound to the organization. It is also possible to create multiple Azure AD tenants. Each Azure AD tenant is completely separated from other Azure AD tenants and has its own work or school identities, Azure AD B2C consumer identities, and app registrations. An app registration can be single-tenant, which only allows authentications from accounts within the tenant where it is registered, or multi-tenant, which allows authentications from all tenants.

In the next sections, we will briefly introduce Azure AD Business to Business (B2B) and Azure AD Business to Consumer (B2C).

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Azure Active Directory for Secure Application Development
End of Section 2
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon