It’s time for a refresh for ADAL .NET v3 preview! There’s nothing earth-shattering this time around… if you don’t consider adding a brand new platform earth-shattering, of course This refresh includes lots of bug fixes and small improvements, as you would expect from a refresh. However as the feature set is still fluid,…
FYI: with the release of ADAL JS 1.0, I took the opportunity for updating the perma-page with the megadiagram of all our identity dev libraries. The old diagram lives here in case you’re curious. Besides flipping the “released” switch for ADAL JS, I also rearranged the layout of the entire diagram to address…
Less than 4 months ago I wrote at length about the first preview of ADAL JS, a new library meant to help you to take advantage of Azure AD to secure your SPA apps and consume Web API from JavaScript. Since then we’ve been iterating on the library surface and architecture, ingesting your…
I am sure you have seen the exciting news about daemon apps & O365 that Alex shared a couple of days ago. That post reinvigorated interest in the token request flow based on certificates. We have a complete end to end sample giving you step by step guidance on how to implement that…
Every service that makes use of cryptographic keys will occasionally “roll its keys”, that is to say retire the keys it used up to that moment and start using new ones. That’s done mostly for security reasons: rolling keys puts a limit to the time that bad guys have available for trying their…
If you head to the NuGet gallery you’ll find that we just released an update to our ADAL .NET package. This servicing update (we go from v2.13.112191810 to v2.14.201151115) fixes various bugs. The one you’re most likely to have stumbled upon is one issue with Windows Store apps publication – which is solved…
It’s been few years that we’ve been innovating in the area of development libraries for authentication. Thanks to new technologies (e.g. NuGet) and our new approach to development (OSS) in the last couple of years we really picked up our pace, pushing out libraries at unprecedented speed. That is all more power for…
This is a classic Q I get pretty often – it’s time to get a post out and start replying by reference instead of by value The issue at hand is how to fully “sign out” (whatever that means for a native app) a user from a Windows Store client. The actual user…
Ha, I discovered that I kind of like to write short posts so here there’s another one. Azure AD endpoints can be constructed with both domain and tenantID interchangeably, “https://login.windows.net/developertenant.onmicrosoft.com/oauth2/authorize” and “https://login.windows.net/6c3d51dd-f0e5-4959-b4ea-a80c4e36fe5e/oauth2/authorize” are functionally equivalent – however the tenantID has some clear advantages. For example: it is immutable, globally unique and non-reassignable, while…
A typical authentication transaction with Azure AD will open with a generic credential gathering page. As the user enters his/her username, Azure AD figures out from the domain portion of the username if the actual credential gathering should take place elsewhere (for example, if the domain is associated with a federated tenant the…