Walkthrough #1: Adding Sign-On to Your Web Application Using Windows Azure AD

Byvibro on
7 Comments

Single Tenant Application Architecture

[Art by Sean :-)]

As you probably already heard, today Windows Azure AD GA’d. Yeahh! Party smile

Earlier today I gave a super quick overview of the new features, and I mentioned that Edward Wu and myself inked the first walkthroughs guiding you through the main scenarios supported in this release.
Those documents are massive, more than a 100 Word pages in total. They’re also chock-full of actionable tricks  and sub-tasks, that can come in handy also outside of the scenario described by the walkthrough itself but can also be hard to find.

In this post (and the next) I’ll highlight some of the key areas covered by the walkthroughs, hoping that (with the help of the search engines) this will help you to connect you with the content carrying the answer you seek Winking smile

Let’s start with “Adding Sign-On to Your Web Application Using Windows Azure AD”. As the name suggests, this tutorial helps you to provision, develop and deploy a single-tenant web application which uses Windows Azure AD for authentication. Among other things, the tutorial will teach you:

  • How to use the Windows Azure portal to
    • create a new Windows Azure AD directory tenant, as part of your Microsoft Account-based Windows Azure subscription
    • create new directory users
    • register an application to enable Web sign on
  • How to use the Identity and Access Tool for Visual Studio 2012 to configure an MVC 4 app to connect with your Windows Azure AD tenant for sign on
  • What claims you can expect to receive (full list and semantic)
  • How to code federated sign out for your app
  • How to code automatic refresh of the Windows Azure AD signing keys to automatically handle rollover
  • How to modify the identity settings in the portal and in config to deploy your application to Windows Azure Web Sites
  • How to interpret all of the WIF-related config elements that are necessary for the scenario to work

Not bad, right? The sign out and automatic keys refresh are definitely topics that would deserve their own posts (in fact I have them in the pipeline, the key refresh one is already out) but the others as well can occasionally save the day Smile hopefully this will entice you to read and follow the walkthrough! If you do, please let us know how we can improve those.