New features available in preview for Windows Azure Active Directory
- Support for OAuth2 for delegated directory access
- An updated Windows Azure Authentication Library (AAL) designed to work with Windows Store applications.
New Authentication Options: OAuth2 Code Grant
The authorization code grant enables you to drive user authentication flows from native applications; moreover, it offers important features (such as refresh tokens) which can help you to maintain long running sessions while minimizing the need to prompt users for their credentials.
Our OAuth2 preview also gives Administrators fine-grained control over which applications can have which sets of access privileges to the directory Graph API.
As part of this work, our Graph API has been extended to include new entities which facilitate managing delegation relationships between clients and services and the Graph Explorer, the test tool we made available during the first developer preview to explore the Graph API, has been updated to enable you to experiment with new features.
Windows Azure Authentication Library (AAL) for Windows Store
Like its .NET counterpart (announced here) AAL for Windows Store makes it easy for you to add authentication capabilities to your modern client apps, delegating the heavy lifting to Windows Azure AD by taking advantage of the new OAuth2 code grant support.
AAL for Windows Store takes full advantage of the Windows Runtime environment features. For example:
- It wraps the WebAuthenticationBroker, a Windows 8 feature designed to facilitate web based authentication flows and single sign on across trusted apps
- It offers transparent session management: AAL leverages the Credential Vault feature in Windows 8 to take care of persistent token caching, automatic token refreshing and even roaming across trusted machines!
“Together, those new features will help you deliver a modern application authorization experience that takes advantage of Windows Azure AD from your native client applications running on Windows RT and Windows 8 devices.“
Developer Preview of OAuth Code Grant and AAL for Windows Store Apps – Active Directory Team Blog – Site Home – MSDN Blogs