Securing Applications and APIs with the Microsoft Identity Platform

Paths

Securing Applications and APIs with the Microsoft Identity Platform

Authors: Sahil Malik, Ervis Trupja, Matthew Soucoup

The Microsoft Identity Platform gives you the tools necessary to build solutions and applications that both customers and users can securely sign in to. This skill path will teach... Read more

What You Will Learn

  • How developers can get started with Azure Active Directory
  • How to protect JavaScript single page applications with Azure Active Directory
  • How to protect web applications and APIs with Azure Active Directory
  • How to protect daemons and services with Azure Active Directory
  • How to protect mobile applications with Azure Active Directory
  • How to build authorization in Azure Active Directory
  • How to develop Azure Active Directory B2C applications

Pre-requisites

This path is intended for developers who are already familiar with the Azure portal and expects learners to be familiar with Azure administration and development.

Beginner

The course in this section of the path will teach you the essentials you need to gain a foundational knowledge in Azure Active Directory for developers. After taking this course, you should have the knowledge necessary to start building authentication and authorization into the solutions you're building.

Getting Started with Azure Active Directory for Developers

by Sahil Malik

Feb 18, 2020 / 2h 15m

2h 15m

Start Course
Description

As a developer connected to the Microsoft ecosystem, learning Azure Active Directory is essential. In this course, Getting Started with Azure Active Directory for Developers, you’ll learn to provision, manage and use Azure Active Directory. First, you’ll explore the basic process of creating an Azure AD, its relationship with subscriptions, and managing permissions and roles in AAD. Next, you’ll discover the ins and outs of service principals and app registrations, and the essential concepts of OAuth2 and OpenID connect. Finally, you’ll learn how to manage Azure AD through the portal, Azure CLI, and Powershell. When you’re finished with this course, you’ll have the skills and knowledge of Azure Active Directory needed to provision and administer apps, service principals, and a clear understanding of modern authentication principals.

Table of contents
  1. Course Overview
  2. An Introduction to Azure Active Directory
  3. Modern Authentication Basics
  4. Service Principals
  5. Azure AD Application Registrations
  6. Manage Azure AD from Terminal

Intermediate

The courses in this section of the path teach you how to protect a variety of different applications and solutions using Azure Active Directory. You'll learn about JavaScript single page applications, mobile applications, web applications, Web APIs, daemons and other services.

Developing JavaScript Single Page Applications Protected by Azure Active Directory

by Ervis Trupja

Apr 1, 2020 / 1h 14m

1h 14m

Start Course
Description

Once your app is available to the public, you need to make sure that users with bad intentions are securely restricted from accessing your resources. One way is to secure your apps by requiring users to be authenticated and authorized. In this course, Developing JavaScript Single Page Applications Protected by Azure Active Directory, you’ll learn to access secured APIs from a plain JavaScript, Angular and React app. First, you’ll explore how to use a plain JavaScript app to access a secured API. Next, you’ll discover how to use an Angular app to access an API that is secured with AAD. Finally, you’ll understand how to use a React app to access an API that is secured with AAD. When you’re finished with this course, you’ll have the skills and knowledge needed to securely access API EndPoints secured by Azure Active Directory.

Table of contents
  1. Course Overview
  2. Securing Your Web API Using Azure Active Directory
  3. Consume ADD Protected APIs from JavaScript Apps
  4. Consume ADD Protected APIs from Angular Apps
  5. Consume ADD Protected APIs from React Apps

Developing Daemons and Services Protected by Azure Active Directory

by Sahil Malik

Apr 15, 2020 / 1h 31m

1h 31m

Start Course
Description

Headless processes commonly referred to as daemons or services have no opportunity to present an authentication user interface. Yet they must be able to access Azure AD protected resources. In this course, Developing Daemons and Services Protected by Azure Active Directory, you’ll learn to securely call Azure AD protected APIs from headless processes. First, you’ll explore the flows available to headless applications and the basics of service principals. Next, you’ll discover how to perform client credential flow with both REST or APIs on .NET, NodeJS and Python. Finally, you’ll learn how to master managed identities when working in Azure. When you’re finished with this course, you’ll have the skills and knowledge of the various facilities Azure AD offers needed to author headless applications that need to call secure APIs in Azure.

Table of contents
  1. Course Overview
  2. Headless applications and Azure AD
  3. Client Credential Flow
  4. Daemons with Managed Identities

Developing Web Applications and Web APIs Protected by Azure Active Directory

by Sahil Malik

Mar 4, 2020 / 2h 26m

2h 26m

Start Course
Description

A large percentage of applications are accessed via the browser. The rest of them usually call a REST API. If you wish to secure either using Azure AD, this course is for you. In this course, Developing Web Applications and Web APIs Protected by Azure Active Directory, you’ll learn to secure Web applications and Web APIs using Azure AD. First, you’ll explore protecting Web Apps for user logins. Next, you’ll discover how to secure Web APIs callable from any modern auth client. Finally, you’ll learn how to forward user identity and concepts such as scopes, and consents. When you’re finished with this course, you’ll have the skills and knowledge of securing Web APIs and Web Apps needed to applications secured by modern authentication protocols using Azure AD.

Table of contents
  1. Course Overview
  2. Secure Web Applications
  3. Secure Web APIs
  4. Scopes and Consent
  5. Forwarding Identity and on Behalf of Flow

Developing Mobile Applications Protected by Azure Active Directory

by Matthew Soucoup

May 11, 2020 / 1h 15m

1h 15m

Start Course
Description

Authenticating users is essential to mobile applications, and for the sake of your users it needed to be implemented right, but it’s difficult to know where to get started. In this course, Developing Mobile Applications Protected by Azure Active Directory, you’ll learn to harness the power and infrastructure of Azure AD to provide your users and mobile apps with a secure sign-in experience. First, you’ll explore how to configure Azure AD to work with your mobile app. Next, you’ll discover how users can sign-in to your mobile application to access secure resources in a custom web API. Finally, you’ll learn how to query the Microsoft Graph to obtain information about your users contained within Azure AD. When you’re finished with this course, you’ll have the skills and knowledge of authenticating mobile apps with Azure AD needed to provide your users with a secure experience.

Table of contents
  1. Course Overview
  2. Understanding Azure Active Directory Mobile Applications
  3. Authenticating with Mobile Apps
  4. Microsoft Graph Fundamentals
  5. Using Microsoft Graph with a Mobile App
  6. Brokered Authentication
  7. Implementing Native Logins with Azure AD

Advanced

The courses in this section of the path focus on the more advanced topics of the Microsoft Identity Platform, including building authorization and developing B2C apps. After taking these courses in conjunction with the others in the path, you'll be equipped with the tools and knowledge necessary to integrate Azure Active Directory into any of the solutions you are building.

Building Authorization in Azure Active Directory for Developers

by Sahil Malik

Mar 2, 2020 / 1h 21m

1h 21m

Start Course
Description

Authentication is just part of the story, what can you do, once we know who you are, is authorization, a rather weedier topic. In this course, Building Authorization in Azure Active Directory for Developers, you’ll learn to build authorization your AAD protected applications. First, you’ll explore RBAC based authorization and it’s limits. Next, you’ll discover scope based authorization. Finally, you’ll learn how to use custom claims. When you’re finished with this course, you’ll have the skills and knowledge of effectively building authorization needed to build real world enterprise applications.

Table of contents
  1. Course Overview
  2. What Is Authorization?
  3. RBAC Based Authorization
  4. Scope Based Authorization
  5. Custom Claims Based Authorization

Developing Azure Active Directory B2C Applications

by Matthew Soucoup

Apr 16, 2020 / 2h 4m

2h 4m

Start Course
Description

Azure AD Business-to-Consumers (B2C) allows anybody to create, and manage, accounts for your applications. In this course, Developing Active Directory B2C Applications, you’ll learn to how to manage consumer identities with Azure AD B2C. First, you’ll explore setting up and configuring Azure AD B2C. Next, you’ll discover how to enable your applications to allow anybody to sign-up/sign-in, customize that experience, and protect back-end resources. Finally, you’ll learn how to manage your user’s identities using Microsoft Graph and Application Insights. When you’re finished with this course, you’ll have the skills and knowledge of Azure AD B2C needed to allow anybody to sign-in to your applications and then manage those users.

Table of contents
  1. Course Overview
  2. Configure Azure Active Directory B2C
  3. Building and Testing User Flows
  4. Authenticate Web Application with Azure Active Directory B2C
  5. Implement Azure Active Directory B2C Custom Policies
  6. Advanced Azure AD Custom Policies
  7. Integrate Azure AD B2C with AAD and Microsoft Graph
  8. Manage User Data in Azure Active Directory B2C Using Application Insights