Helion


Szczegóły ebooka

Azure Active Directory for Secure Application Development

Azure Active Directory for Secure Application Development

Sjoukje Zaal

Kup pozycję na ebookpoint.pl

Azure Active Directory for Secure Application Development is your one-stop shop for learning how to develop secure applications using modern authentication techniques with Microsoft Azure AD. Whether you're working with single-tenant, multi-tenant, or line-of-business applications, this book contains everything you need to secure them.

The book wastes no time in diving into the practicalities of Azure AD. Right from the start, you'll be setting up tenants, adding users, and registering your first application in Azure AD. The balance between grasping and applying theory is maintained as you move from the intermediate to the advanced: from the basics of OAuth to getting your hands dirty with building applications and registering them in Azure AD. Want to pin down the Microsoft Graph, Azure AD B2C, or authentication protocol best practices? We've got you covered. The full range of Azure AD functionality from a developer perspective is here for you to explore with confidence.

By the end of this secure app development book, you'll have developed the skill set that so many organizations are clamoring for. Security is mission-critical, and after reading this book, you will be too.

  • Azure Active Directory for Secure Application Development
  • Contributors
  • About the author
  • About the reviewers
  • Preface
    • What this book covers
    • To get the most out of this book
    • Download the color images
    • Download the example code files
    • Conventions used
    • Get in touch
    • Share Your Thoughts
  • Part 1: Getting Started with the Microsoft Identity Platform
  • Chapter 1: Microsoft Identity Platform Overview
    • Learning about the Microsoft identity platform
    • Understanding the evolution of the Microsoft identity platform
    • Introducing Azure AD
    • Introducing Azure AD B2B
    • Introducing Azure AD B2C
    • Setting up an Azure AD tenant
    • Adding a user to Azure AD
    • Cleaning up the resources
    • Summary
    • Further reading
  • Chapter 2: Azure AD Application Model
    • Technical requirements
    • Introducing the Azure AD application model
    • Learning about application and service principal objects in Azure AD
      • Application object
      • Service principal object
    • Registering an application with the Microsoft identity platform
      • Registering an application using the Azure portal
    • Setting redirect URIs
      • Configuring the redirect URI
    • Understanding permissions and consent
      • Scopes and permissions
      • Permission types
      • Configuring permissions in the Azure portal
    • Understanding certificates and secrets
      • Configuring an app secret in the Azure portal
    • Restricting your Azure AD app to a set of users
      • Updating the app to require user assignment
      • Assigning the app to users and groups
    • Registering an application using PowerShell and the CLI
      • Registering an application using PowerShell
      • Registering an application using the CLI
    • Summary
    • Further reading
  • Chapter 3: Application Types and User Consent
    • Technical requirements
    • Public client and confidential client applications
      • Confidential client applications
      • Public client applications
    • Understanding the authorization code flow
      • Authorization code flow
    • Understanding the different application types
      • Single-page applications
      • Web apps and web APIs
      • Desktop apps
      • Deamon apps
      • Mobile apps
    • Building a web app that authenticates users using Azure AD
      • Configuring redirect URIs and setting the right permissions
      • Building the application
    • Understanding the Azure AD application consent experience
    • Understanding how end users consent to applications
      • Configuring how end users consent to applications
    • Publisher verification
    • Summary
    • Further reading
  • Part 2: Authentication and Protocols
  • Chapter 4: The Basics and Evolution of Authentication
    • Evolution of identity protocols
    • Authentication versus authorization
      • Authentication
      • Authorization
      • Authentication and authorization using the Microsoft identity platform
    • Pre-claims authentication techniques
      • Password-based authentication
      • Integrated authentication
    • Claims-based identity
      • What are claims?
      • How claims-based identity works
      • Benefits of claims-based identity
    • First-generation protocols
      • Single sign-on
      • Cookies
      • SAML
      • WS-Federation
    • Modern protocols
      • OAuth
    • Summary
    • Further reading
  • Chapter 5: Securing Applications with OAuth 2.0, OpenID Connect, and MSAL
    • Technical requirements
    • The OAuth 2.0 framework and its specifications
      • Roles
      • The OAuth 2.0 abstract flow
      • Tokens
    • The OpenID Connect protocol and its specifications
    • The OAuth 2.0 and OpenID Connect flows
      • OpenID Connect using the implicit flow
      • The authorization code flow
      • The OBO flow
      • The client credentials flow
      • The ROPC flow
      • The device code flow
    • An overview of the Microsoft Identity Web authentication library
    • An overview of MSAL
    • Securing your application using OAuth 2.0, OpenID Connect, and MSAL
      • Registering the application with your Azure AD tenant
      • Building the application
    • Summary
    • Further reading
  • Chapter 6:Building Secure Services Using the Microsoft Graph API
    • Technical requirements
    • An overview of Microsoft Graph
    • Accessing data and methods
      • The Microsoft Graph API metadata
      • Requesting data using Graph Explorer
    • Queries, batching, throttling, and paging
      • Queries
      • Batching
      • Throttling
    • The Microsoft Graph SDK
    • Building a web application that uses the Microsoft Graph API
    • Summary
    • Further reading
  • Part 3: Azure AD B2C
  • Chapter 7: Introducing Azure Active Directory B2C
    • Technical requirements
    • Introducing Azure AD B2C
    • Creating an Azure AD B2C tenant and adding a user
    • Registering an application in Azure AD B2C
      • Enabling the ID token implicit grant
    • Understanding user flows
      • Creating sign-up and sign-in flows
      • Testing the sign-up and sign-in flows
    • Setting up the custom web application
    • Summary
    • Further reading
  • Chapter 8: Advanced Features of Azure AD B2C
    • Technical requirements
    • Identity providers in Azure AD B2C
      • Configuring the identity provider in Azure AD B2C
      • Adding the LinkedIn identity provider to the user flow
    • Customizing the UI
    • Localization and language customization
    • Azure AD B2C and Microsoft Graph
    • Custom domains for Azure AD B2C
    • Summary
    • Further reading
  • Chapter 9: Azure AD B2C Custom Policies
    • Technical requirements
    • Understanding custom policies
    • Introducing the Identity Experience Framework
    • Creating a custom policy
      • Creating the signing and encryption key
      • Registering the Identity Experience Framework applications
      • Creating the Azure storage account
      • Creating the Azure function
      • Creating the custom policy
      • Deploying the custom policy
      • Testing the custom policy
    • Summary
    • Further reading
    • Why subscribe?
  • Other Books You May Enjoy
    • Packt is searching for authors like you
    • Share Your Thoughts