Developer Preview of Windows Azure Active Directory annouced today is a cloud identity management service for application developers, businesses and organizations.
"Windows Azure AD provides software developers with a user centric cloud service for storing and managing user identities, coupled with a world class, secure & standards based authorization and authentication system. With support for .Net, Java, & PHP it can be used on all the major devices and platforms software developers use today," Microsoft stated. Windows Azure AD synchronizes and federates with their on-premise Active Directory extending the benefits of Windows Server Active Directory into the cloud.
Today, "Windows Azure AD is already the identity system that powers Office 365, Dynamics CRM Online and Windows Intune. Over 250,000 companies and organizations use Windows Azure AD today to authenticate billions of times a week," Microsoft wrote.
The Windows Azure AD Developer Preview provides two new capabilities for developers to preview:
Graph API brings the enterprise social graph contained in Windows Azure AD and Office 365 (and thus Windows Server AD as well) to the Internet and creates an opportunity for a breadth of new collaborative applications to be created. Features include:
- Graph API REST interface (and metadata endpoints) that provide a large set of API to read the data in Windows Azure AD (for a detailed list of data available in the Preview, click on the documentation below)
- PowerShell cmdlets to grant an application read access to a tenant's Windows Azure AD
- OData support for quick integration with Visual Studio and other Microsoft technologies
- Detailed code walkthroughs for .Net that demonstrate how to add Graph APIs in your application
Web Single Sign-On - (a preview of the SSO capabilities of Windows Azure AD) make it easy to build cloud applications that deliver a Single Sign-On (SSO) experience for users logging-on to their domain joined PCs, on-premises servers and other cloud applications like Office 365. "With SSO in Windows Azure AD, businesses and organizations can easily manage user access to cloud applications without the additional cost and hassle of having to acquire and manage new user credentials," Microsoft explains.
Following features are offered in Preview:
- STS metadata endpoints to integrate Windows Azure AD in to your application
- Support for the WS-Federation protocol with SAML 2.0 tokens
- PowerShell cmdlets to configure a Windows Azure AD tenant to do SSO with your application
- Detailed code walkthroughs for PHP, Java, and .Net that demonstrate SSO capability to your application
Here are some great material to get you started on using the Developer Preview of Windows Azure AD:
- Technical details about the Graph API platform, visit the MSDN articles here.
- Java, PHP, and .Net code samples on GitHub.
- A sample application built in Windows Azure that demonstrates what's possible using Azure Active Directory using all of these technologies, available for download from GitHub here.
- Vittorio Bertocci's blog post with a deep dive into creating a Windows n Azure AD integrated application.
- Brandon Werner's blog post on the Windows Azure AD Expense Demo Application.