{"id":6035,"date":"2012-07-13T10:30:33","date_gmt":"2012-07-13T09:30:33","guid":{"rendered":"http:\/\/www.itwriting.com\/blog\/?p=6035"},"modified":"2012-07-13T10:30:33","modified_gmt":"2012-07-13T09:30:33","slug":"microsoft-opens-up-office-365-and-azure-single-sign-on-for-developers","status":"publish","type":"post","link":"https:\/\/www.itwriting.com\/blog\/6035-microsoft-opens-up-office-365-and-azure-single-sign-on-for-developers.html","title":{"rendered":"Microsoft opens up Office 365 and Azure single sign-on for developers"},"content":{"rendered":"

Remember Passport and Hailstorm<\/a>? Well here it comes again, kind-of, but in corporate-friendly form. It is called Windows Azure Active Directory<\/a>, and is currently in Developer Preview:<\/p>\n

\n

Windows Azure AD provides software developers with a user centric cloud service for storing and managing user identities, coupled with a world class, secure & standards based authorization and authentication system. With support for .Net, Java, & PHP it can be used on all the major devices and platforms software developers use today. <\/p>\n<\/blockquote>\n

The clearest explanation I can find is in John Shewchuk\u2019s post<\/a> on Reimagining Active Directory for the Social Enterprise<\/a>. He makes the point that every Office 365 user is signing on to Microsoft\u2019s cloud-hosted Active Directory. And here is the big deal:<\/p>\n

\n

The Windows Azure Active Directory SSO capability can be used by any application, from Microsoft or a third party running on any technology base. So if a user is signed in to one application and moves to another, the user doesn\u2019t have to sign in again. <\/p>\n<\/blockquote>\n

Organisations with on-premise Active Directory can use federation and synchronisation (Shewchuk fudges the distinction) so that you can get a single point of management as well as single sign-on between cloud and internal network.<\/p>\n

Is this really new? I posted about Single sign-on from Active Directory to Windows Azure<\/a> back in December 2010, and in fact I even got this working using my own on-premise AD to sign into an Azure app. <\/p>\n

It seems though that Microsoft is working on both simplifying the programming, and adding integration with social networks. Here is where it gets to sound even more Hailstorm-like:<\/p>\n

\n

\u2026 we will look at enhancements to Windows Azure Active Directory and the programming model that enable developers to more easily create applications that work with consumer-oriented identities, integrate with social networks, and incorporate information in the directory into new application experiences.<\/p>\n<\/blockquote>\n

Hailstorm failed because few trusted Microsoft to be the identity provider for the Internet. It is curious though: I am not sure that Facebook or Google are more well-trusted today, yet they are both used as identity providers by many third parties, especially Facebook. Spotify<\/a>, for example, requires Facebook sign-in to create an account (an ugly feature).<\/p>\n

Perhaps the key lesson is this. Once people are already hooked into a service, it is relatively easy to get them to extend it to third-parties. It is harder to get people to sign up for an all-encompassing internet identity service from scratch.<\/p>\n

This is why Azure Active Directory will work where Hailstorm failed, though within a more limited context since nobody expects Microsoft to dominate today in the way it might have done back in 2001.<\/p>\n","protected":false},"excerpt":{"rendered":"

Remember Passport and Hailstorm? Well here it comes again, kind-of, but in corporate-friendly form. It is called Windows Azure Active Directory, and is currently in Developer Preview: Windows Azure AD provides software developers with a user centric cloud service for storing and managing user identities, coupled with a world class, secure & standards based authorization … Continue reading Microsoft opens up Office 365 and Azure single sign-on for developers<\/span> →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,19,55,67,80],"tags":[117,586,666],"class_list":["post-6035","post","type-post","status-publish","format-standard","hentry","category-net","category-cloud-computing","category-microsoft","category-professional","category-software-development","tag-active-directory","tag-microsoft","tag-office-365"],"_links":{"self":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/6035","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/comments?post=6035"}],"version-history":[{"count":0,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/posts\/6035\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/media?parent=6035"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/categories?post=6035"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itwriting.com\/blog\/wp-json\/wp\/v2\/tags?post=6035"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}