role-iq-logo
Rock [Azure]
See all Azure roles

Microsoft Azure Authentication Scenarios for Developers

Azure AD is fundamental to Azure authentication scenarios. Besides basic application scenarios, this course explains MFA, B2C, certificate-based authentication, and SQL Server authentication.
Course info
Level
Intermediate
Updated
Sep 13, 2018
Duration
2h 52m
Table of contents
Description
Course info
Level
Intermediate
Updated
Sep 13, 2018
Duration
2h 52m
Description

The importance of Azure AD in Azure Authentication scenarios cannot be overstated. In this course, Microsoft Azure Authentication Scenarios for Developers, you will learn basic application scenarios, as well as MFA, B2C, certificate-based authentication, and SQL Server authentication. First, you will explore Azure Active Directory, and learn how to perform forms-based authentication. Next, you will learn about business to consumer authentication, and Azure Active Directory authentication for an SQL database. Finally, you will discover how to set up multi-factor authentication using Azure Active Directory, as well as setting up a certificate-based authentication. When you are finished with this course, you will have a good understanding of the various authentication scenarios Azure supports and you will feel confident in making the right architectural choices for your applications.

About the author
About the author

Sahil Malik has been a Microsoft MVP for the past 8 years, author of several books and numerous articles in both the .NET and SharePoint space, consultant and trainer who delivers talks at conferences internationally.

More from the author
More courses by Sahil Malik
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello. My name is Sahil Malik, and welcome to my course, Microsoft Azure Authentication Scenarios for Developers. I cannot over emphasize the importance of Azure AD. Your custom applications, web services, Web APIs, native applications, mobile applications all have an authentication story in Azure AD. So do the various Microsoft offerings such as SQL Server, multi-factor authentication, business-to-business, business-to-consumer scenarios, etc. Indeed, this is a very deep and interesting topic, and it is a very important topic too. In this course, I explain basic application authentication scenarios with enough references to cover all scenarios. I then focus on Azure AD B2C, business-to-consumer, multi-factor authentication, certificate-based authentication, and even authenticating to SQL resources using Azure AD. At the end of this course, you will have an understanding of the expanse and possibilities of what Azure AD offers, armed with enough knowledge to dig deeper. I hope you find this course useful, and thank you for watching.

Azure Authentication and Azure Active Directory
Hello, and welcome to Microsoft Azure Authentication Scenarios for Developers. My name is Sahil Malik, and let's start with the first module, Azure Authentication and Active Directory. What do we mean by those? So in this first basic introduction, let me start with a little bit of an overview. The first question we need to ask ourselves is what is wrong with Active Directory, it's been around for the last 15, 20 years, it's served us quite well, why do we need a replacement, or is it a replacement? Then the next question we will ask is what is Azure AD, followed by who is this course for? What should your background be so you get the most value out of this course? I will be showing you a lot of demos, so what tools, and subscriptions, etc. will you need to follow along, followed by how have I chosen to structure this course? Let's get started.

Azure Active Directory Business to Consumer Authentication
Next let's talk about Azure Active Directory B2C, business-to-consumer authentication. Starting with some important concepts. So I'll start by describing what exactly is Azure AD B2C and the problem it intends to solve. Once we understand the purpose of B2C, then I'll describe a scenario, a problem that we will intend to solve, an application I'll build, and exactly what that application will do, so we'll describe the application first. Then we'll dive into some code and demos, starting with, well we first need to create a B2C directory. This is different from your regular Azure Active Directory, so we need to provision one, and we need to associate it with an existing Azure subscription. We'll see how to do that shortly. Once that directory is created, I'll give you an overview of what it looks like, and walk you through the various facilities it gives. You'll see there, there you'll start seeing some differences between a regular Azure Active Directory and a B2C directory, and that'll be also a great opportunity for me to register and configure an application in there, so we'll see that next. And then finally, we will leverage that B2C directory and the application registration to perform some authentication.

Azure Active Directory Authentication for SQL Database
Next let's talk about yet another very exciting capability of Azure Active Directory, which is to provide authentication services for SQL Database. Now I use the phrase SQL Database a little loosely here because it applies to more than one SQL product in my case. You'll see shortly what I mean. Starting with a little bit of an overview, I'd like to cover the history of how we have connected to SQL Server, and what are the challenges we run into, and how does connecting to SQL Server using Azure AD solve many of those challenges? I'll also walk you through the process of using Azure AD to connect to SQL Server. Once we understand that process, I'd like to show it to you in a demo. So let's dive in.

Azure Active Directory Certificate-based Authentication
Let's talk about another important authentication type that Azure AD supports, which is certificate-based authentication. So let's start with a little overview of the things I'll be talking about. Naturally, it is first important to understand what are certificates, and well, how are they better than passwords, why do we care? Followed by, I'll talk about yet another OAuth 2. 0 standard called as the OAuth 2. 0 Client Credential Flow, when you use certificates, this is what you use. Then I'll follow along with some demos. We'll first go about registering a simple application, so you'll see that in this case, even though we're trying to write a daemon, but you register it as a web application. Then we'll need to create and register a certificate, which can act as the credential for this application. Then I'll need to grant it some permissions, what permissions? Well, our application is going to call an API, so that is how we can demonstrate that my application is working. So I need to grant it some permissions, specifically the API I will use is Microsoft Graph, so I'll walk you through how to grant those permissions. Then we'll write up an application, where I'll show you how you can read that certificate and use it to get an access token, followed by running our application in debug mode and examining the results.