Developing an Azure AD B2C multi-tenant application

In this post from his blog, Premier Developer consultant Marius Rochon provides a demo application that illustrates how to use Azure Active Directory B2C for authentication in a multi-tenant application. The ‘regular’ Azure AD has build-in support for multi-tenant applications. In that case, a user from any Azure AD tenant can sign in to an…

0

Claims augmentation with OWIN but outside of Startup code

This post on authentication and authorization is from Premier Developer consultant Marius Rochon. Claims list included in the ClaimsPrincipal usually originate from the security token received by the application as part of user authentication (SAML, OpenIDConnect id token) or access authorization (OAuth2 bearer access token).  However, sometimes there is a need to modify that list…

0

OWIN and WS-Federation with CA Siteminder

Check out this blog from Premier Developer consultant Marius Rochon for information on how to integrate ASP.NET applications with CA Siteminder. A customer was having a problem integrating an ASP.NET application with CA Siteminder v12.52. Firstly, there was a problem with using SAML2.0 token formats. To get around that, we reconfigured SM to use SAML1.1…

0

Multi-tenant WebAPI – simple admin consent

In this post, Premier Developer consultant Marius Rochon shares his application authentication experience in order to help you create your own Multi-tenant WebAPI applications. The VS.NET 2015 wizard for adding authentication to ASP.NET WebAPI projects does not support using the multi-tenant option. Here are some notes on how to implement this option yourself and create…

0

Passive is good!

Here’s a quick read from Premier Developer consultant Marius Rochon’s blog.  In it, Marius gives some great reasons to leverage passive authentication protocols in your applications rather than writing your own code to handle credentials. Some time back I wrote about avoiding handling of credentials (creation/maintenance/verification of user names, passwords, pins, etc.) in your own…

0

Changing user password in Azure AD using GraphAPI

Recently, Premier Developer Consultant Marius Rochon posted this article on his blog regarding changing passwords in Azure AD that may be helpful to those of you facing this specific scenario in your applications: You use Azure AD for some applications (e.g. Office365), but… …one of your applications does NOT use Azure AD (yet). It has…

0

Using OAuth2 with SOAP

Premier Development Consultant Marius Rochon explores the combination of Universal App Platform (UAP) with SOAP using OAuth2 protocol for authentication. One possible application of this approach might be migrating from WCF to REST and/or needing to mix REST and SOAP services. Although the sample uses a UWP client, the same code would apply to other…


Using Azure AD to authorize Service Bus requests

Most Service Bus examples use symmetric keys directly in applications needing access to the Service Bus, usually as part of the connection string. That approach does not work so well with widely distributed applications, e.g. desktop or mobile apps.  In the latest post from his blog, Marius Rochon gives an example of how to use…

0

Should an application handle user credentials?

With development of standard authentication protocols like WS-federation, SAML and OAuth, there should be very few situations where a web application has to implement its own storage and logic for handling user credentials. This blog from Premier Developer consultant Marius Rochon enumerates the benefits of using out-of-the-box authentication solutions, some myths preventing their adoption and…

0