• Save
02 Ms Online Identity   Session 1
Upcoming SlideShare
Loading in...5
×
 

02 Ms Online Identity Session 1

on

  • 3,503 views

Live Services Jumpstart

Live Services Jumpstart

Statistics

Views

Total Views
3,503
Views on SlideShare
3,503
Embed Views
0

Actions

Likes
0
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

02 Ms Online Identity   Session 1 02 Ms Online Identity Session 1 Presentation Transcript

  • Live Services Synchronizing Life Online Identity Easing the pain of identity integration
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Session objectives and takeaways Live Services Synchronizing Life • At the end of this session the audience should understand LiveID and how to use it. • Feel confident and comfortable to go and start creating apps that use LiveID.
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Microsoft Identity Software + Services Live Services Synchronizing Life One identity model that puts users in control of their identities Flexibility via Enhances Developer Standards Based Choice Productivity Claims-Based Access Services Live Micros .Net Access Identity oft Control Service Federat Service Software “Gene Micros Windo “Gene Live ws va” Frame Active CardS Frame work
  • Live ID within the Live Framework Live Services Synchronizing Life Libraries .NET FX 3.5 APIs Silverlight APIs JavaScript APIs Client Controls Web Controls … Tools & Services Resource Model Developer ATOM JSON POX RSS Binary XML Portal AtomPub FeedSync Resource CRUD Sync URI-LINQ Triggers Auth/Z Hosting Introspection Scripts Core Data Communications App Model Provisioning / User Account Identity P2P Catalog Management Folders News Device Mesh Notifications Hosting Photos Favorites Applications Presence Mesh Applications Angus Logan 10/2/08 Contacts Groups Replace HOSTING App Data & Settings Profile Calendar Visual Studio Application Management Tools / System Designers Geospatial Search Live Operating Environment Analytics CRUD Sync App Hosting CRUD Sync Hosting Resource Script Auth/Z Angus Analytics Logan 10/2/08 Resource Script Engine Auth/Z Local Store Engine Replace Hosting Cache … P2P File Sys … Cloud Client Angus Logan 10/2/08 Developer Sandbox Replace Hosting Windows “Strata” Windows Embedded Windows Mobile Other
  • Live Services Synchronizing Life Live ID Hotmail Messenger Spaces Live Search Alerts Live.com Live Search Sky Drive Mail Photo Gallery Events Maps Expo Gallery Calendar Agents Gadgets Writer Windows Live Contacts for Mobile OneCare Toolbar QnA Favorites
  • Find Identity User Data Notifications Infrastructure Live Services & Locate & Messaging Synchronizing Life Live Search Live ID Contacts Messenger Admin Center Virtual Earth Photos Alerts Silverlight Streaming App Storage Agents Terms of Service
  • The Life of an App Developer Live Services Synchronizing Life Business logic … Identity Provider availability and reliability Anti-spam account detection IdP QoS Trust relationship management Child account legal and parental controlsOn-boarding Identity Account sign-up / management “pain” Different principal types AuthN Different authentication protocols Operating Environment
  • Live ID Identity Services Principles Live Services Synchronizing Life Above all: SECURE! Consume Open & Rich r+ Federatio Ease of Standard functiona Enterpris n friendly use s-based lity e
  • Live Services Synchronizing Life Integrating with Live ID
  • Steps to Identity Integration - APPZ Live Services Synchronizing Life Authentication A Auth Protocols Principal Types Policy P Trust relationships Auth token policies Profile P Account registration Membership DB AuthoriZation Z Claims Roles Access control
  • Live Identity Services Live Services Synchronizing Life Integration SDKs Web ••Web site integration Windows Live ID ••Co-branded user experience Web Application ••Open source samples in 7 languages – (Authentication C#, VB, Java, Perl, PHP, Ruby, Python Authentication Web ••App provider accessing u Windows Live ID ser data stored in Live Delegated Application Services (Delegation) ••Open source samples in 7 languages – Authentication ••ASP.NET controls  simplified integration Windows Live ASP.NET ••Controls: IDLogin, IDLoginView, Tools Contacts, SilverlightStreaming Windows Rich ••Rich client applications Windows Live ID ••Windows Client OS Client Client SDK Application
  • Windows Live ID – Type of Identity Live Services Synchronizing Life Principal Types Credential Types • [Strong] Password, Pin • eID / Smart card • CardSpace Types of Live ID Users The Passwo • Live / Hotmail rd • EASI (“E-mail As Anti- Pattern Sign-In”) !
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Everything needs an ID - Why LiveID? Live Services Synchronizing Life • You the end user don’t have to worry about setting up and maintaining the back end infrastructure required for AuthZ and AuthN • LiveID Services takes care of it for you. • LiveID Services is always online, secure, backed up and available • Based on Open standards and platform neutral • Easy to provision, access and use • Technology agnostic • Move seamlessly across multiple applications/ services - A Single Sign In service • Last but not least – largest collection of users on a system – close to half a billion users already use LiveID. So it’s easy to tap into this vast existing user base for your customer base or audience.
  • Live ID – Rich Functionality Live Services Synchronizing Life • Provides an identity platform: m ore – An authentication platform M uch the be hind ox! A delegation platform b – lo gin – A federation platform – A user and service provisioning platform – The first line of anti-spam defense • All delivered as Software + Services – Cloud hosted authentication services – Client SDK libraries – 6 languages / multi platform • ASP.NET (C# + VB), Java, Perl, Python, Ruby
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Live Services Synchronizing Life demo Live Identity Services Web Authentication Enabling apps to be secure
  • Web Authentication Protocol Overview Live Services Synchronizing Life Windows Live ID Web Authentication SDK Docs http://go.microsoft.com/fwlink/? LinkID=91762 1 Relying Party Web Site e.g., Contoso.com End User w/web 2 Integration Steps: 1. Register AppID browser 4 2. Get WebAuth library module from SDK 5 3. Use WL Tool ASP.NET controls – IDLoginStatus and/or IDLoginView 4. Create Member ID association 2 page (optional) 5. Test & deploy! 3 3 4 Windows Live ID service
  • Windows Live Tools Live Services Synchronizing Life IDLoginStatus Control (ASP.NET) • <live:IDLoginStatus – ID=quot;IDLoginStatus1quot; – runat=quot;serverquot; – ApplicationContext=quot;welcomepagequot; – BackColor=quot;#E5ECE5“ – onserversignin= • quot;IDLoginStatus1_ServerSignInquot; •onserversignout= –quot;IDLoginStatus1_ServerSignOutquot; • />
  • WebAuth Sign-in Control Live Services Synchronizing Life (Cross-platform HTML – URL decoded for readability) • <iframe id=quot;WebAuthControlquot; – src=quot;http://login.live.com/controls/ WebAuth.htm ?appid=<%=AppId%> &context=welcomepage Existing: WebAuth.htm &style=font-size=10pt; – +font-family=verdana; New: WebAuthLogo.htm – +font-style=normal; – +font-weight=bold; New: – +background=white; WebAuthButton.htm – +color=black;quot; • width=quot;80pxquot; height=quot;20pxquot;> • </iframe>
  • WebAuth Sign-in Messages Live Services Synchronizing Life Don’t panic! The SDK libraries handle all this for you! ••GET http://login.live.com/wlogin.srf Sign-in ?appid=00167FFE80002700 &appctx=welcomepage Request HTTP/1.1 ... ••POST http://www.mydomain.com/ Encrypted Contents: wl-handler.aspx HTTP/1.1 appid=<applicationid > Sign-in action=login &uid=<user identifier> Response &appctx=welcomepage &ts=<timestamp> &sig=<signature> &stoken=MA12BCF0012BAM567890 MABD123456ABCDEF12345667890
  • Live Services Synchronizing Life Live ID Services Web Authentication Sign-in Screen Customization Enabling seamless sign-in / sign-up user experience
  • Customizable Sign-in Screen Live Services Synchronizing Life • Flexible sign-in customization options allow creative and seamless user Customizable Contents Area (Orange) Elements that can be customized. Partner Logo Task integration statement Task statement Product description Sign up section Header background Customizable Theme Area (Blue) Elements cannot Sign-up section change. Customize look & feel. Font color Background color Button color User tile color Live ID description color
  • Sign-in Screen Customization Live Services Synchronizing Life • <WhiteLabelProperties> – <Logo>STRID_LOGO</Logo> – <LogoAltText>STRID_LOGOALTTEXT</LogoAltText> – <HeaderBkgndColor>#336633</HeaderBkgndColor> – <BkgndColor>#e5ece5</BkgndColor> – <FontColorLight>#b5781e</FontColorLight> – <FontColorLink>#b5781e</FontColorLink> – <ButtonColor>#9EB39B</ButtonColor> – <ButtonBorder>#336633</ButtonBorder> – <FontColor>black</FontColor> – <UserTileColor>#C6D6B9</UserTileColor> • </WhiteLabelProperties> • <SiteLoginUIProperties> – <Header id =quot;defaultquot;>STRID_HEADER</Header> – <Title id=quot;defaultquot;>STRID_TITLE</Title> – <Subtitle id=quot;defaultquot;>STRID_SUBTITLE</Subtitle> • </SiteLoginUIProperties> • <StringTable> – <Language langID=quot;enquot;> • <String id=quot;STRID_HEADERquot;>To make a Reservation, Sign in with your Windows Live ID</String> • <String id=quot;STRID_TITLEquot;>Welcome to AdventureWorks Resorts</String>
  • Customizable Registration Live Services Synchronizing Life • Flexible registration screen options Header image Task integration Username Password Password reset question / Alt e-mail Profile info CAPTCHA ToS
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Live Services Synchronizing Life Live Identity Services Delegated Enabling data portability
  • Delegated Auth Protocol Live Services Synchronizing Life Windows Live ID Delegated Authentication SDK Docs http://go.microsoft.com/fwlink/? LinkID=107420 End User “Granting Consent” phase (user must be w/ browser online) Direct user to consent UI Consent UI (consent.live.com) Receive consent token Integration Steps: Application “Using Consent” Phase (user can be offline) 1. Register AppID Provider 2. Get DelAuth library (web site) Send delegation token Resource module from SDK with API call to resource Provider (e.g., 3. Create consent Windows request URL link Receive data Live Contacts) 4. Create auth callback handler page Send refresh token Windows Live ID 5. Create store for consent tokens (optional) Delegation 6. Send RP data Receive new consent token Service request and process reply 7. Test & deploy!
  • Requesting Delegated Auth Live Services Synchronizing Life Don’t panic! The SDK libraries handle all this for you! • https://consent.live.com/ delegation.aspx – ?ru=http://mydomain.myapp.com/ReturnURL.aspx – &ps=Contacts.View,Contacts.Update – &pl=http://mydomain.myapp.com/PrivacyPolicy.htm 1=Compact token, 2=SAML – &ttype=1 token – &mkt=en-US – &app=appid%3d10000%26ts%3d1193445084%26ip %3d157.56.190.178%26sig %3d7HgcsIEheEVO30BuPAEJhJeB8Pz0xHBV%252f %252bQD27AOdmI%253d Application Verifier token: AppID, Timestamp, Client IP, SHA256 signature
  • DelAuth Consent Token Response Live Services Synchronizing Life (URL Decoded) Don’t panic! The SDK libraries handle all this for you! • delt=EwCoARAnAAAUgxwUrFTrj0j98kTTv4OX %2FOkhSc2AADHt9dXtiWa4afIM1AtKBgDzW2LOYBmExjIAumf %2B33MyPpGSnwrmtOc2aKG0Oz008Jg6a9Ss8a6L4zi8Za9gT85eqqd S0HNJZW9xAUoD2MOqUz7RxqY %2FpNhAWm6ndhFTj9VWWZYi7zIJJU7RgrIXEJrmQsHSKN1%2B2Iot56 mknEECA2YAAAi5VYs8bPiGofgAEiVBGu8ve8kv459FJn8ioXFJMR4f5E YNJqxMXG8tZhe87ylkvESebImX %2B4T8EGxxgDBTTHmEnK5PtoxJDTLJCSz4UJwRPAS0KW2H5TIi7Ecu 6dZ5FbspeKlPCi7pxjevW1WAHuoJY9oow %2FgUCZhcxCusUg2Cg6LmpSm0KwacVzaXLEOwwpfUXtFSwpPsU8w 8G9syt4%2F0k1W4HJmdrqU1xqHO7ZEX3JBWpKBscNbKr5z3qCkO2t pW%2BBjFEgy8w%2Fc5wb66At7V4Vs1ccbiBJ7pC %2F0VjyfzKfBYNP2zniAmepap2jY780q73Czc10w0bfMr54cKMaDrK6 kAAA%3D%3D • &exp=1196836447
  • Delegated Auth Consent Refresh Live Services Synchronizing Life Request Don’t panic! The SDK libraries handle all this for you! • http://consent.live.com/RefreshToken.aspx – ?ru=http://mydomain.myapp.com/ ReturnURL.aspx – &ps=Contacts.View,Contacts.Update – &reft=F7BJdi2ojtPWXv7qVCKrhD0kU35Rf1k4wz0 nFx – gB33czSkOgk0Ht5n8LGLZW2Mgo06dpFYonRF0e 0ha – sWS91l37cf8sq2NaxyXJASrEdKoYOApPUBI6RqYn DS – BgkNqKPQtUbIN%252F%252FXQ %252B7qUnzyWvn – SA%253D%253D – &app=appid%3d10000%26ts
  • DelAuth Consent Refresh Live Services Synchronizing Life Response - Raw JSON Don’t panic! The SDK libraries handle all this for you! • { – quot;ConsentTokenquot;: – quot;delt%3dEwCoARAnAAAUgxwUrFTrj0j98kTTv4OX %252FOkhSc2AADHt9dXtiWa4afIM1AtKBgDzW2LOYBmExjIAumf %252B33MyPpGSnwrmtOc2aKG0Oz008Jg6a9Ss8a6L4zi8Za9gT85eqqdS 0HNJZW9xAUoD2MOqUz7RxqY %252FpNhAWm6ndhFTj9VWWZYi7zIJJU7RgrIXEJrmQsHSKN1%252B2Iot5 6mknEECA2YAAAi5VYs8bPiGofgAEiVBGu8ve8kv459FJn8ioXFJMR4f5EYNJ qxMXG8tZhe87ylkvESebImX %252B4T8EGxxgDBTTHmEnK5PtoxJDTLJCSz4UJwRPAS0KW2H5TIi7Ecu6d Z5FbspeKlPCi7pxjevW1WAHuoJY9oow %252FgUCZhcxCusUg2Cg6LmpSm0KwacVzaXLEOwwpfUXtFSwpPsU8w8 G9syt4%252F0k1W4HJmdrqU1xqHO7ZEX3JBWpKBscNbKr5z3qCkO2tpW %252BBjFEgy8w%252Fc5wb66At7V4Vs1ccbiBJ7pC %252F0VjyfzKfBYNP2zniAmepap2jY780q73Czc10w0bfMr54cKMaDrK6k AAA%253D%253D%26reft %3dF7BJdi2ojtPWXv7qVCKrhD0kU35Rf1k4wz0nFxgB33czSkOgk0Ht5n8L GLZW2Mgo06dpFYonRF0e0hasWS91l37cf8sq2NaxyXJASrEdKoYOApPUBI 6RqYnDSBgkNqKPQtUbIN%252F%252FXQ%252B7qUnzyWvnSA%253D %253D%26skey%3diS30MXEnIJj7K6HpwUBrXR5isE9rN9zq%26offer %3dContacts.View,Contacts.Update%3a1228350847%26exp %3d1196836447%26sig%3dC1itgV6AL7%252F %252BJFnML1unjGZ6nNNjQsrb8%252BcTtmNAzp8%253D%26lid %3df8eb4468555a951equot;
  • Delegated Auth Protocol Drilldown Live Services Synchronizing Life User’s 3rd Party WLID WL RP  Supplies ‘on behalf of’ functionality Browser Website Service Service  App can act on behalf of the user  Subject to user’s consent Access 3rd party  For a specific “offer” only (eg Calendar.Read) 1 app  For a defined time period  Re-use / Extend existing building blocks 2 Redirect to Consent  WS-Trust RequestSecurityToken ‘on-behalf of’ element 3 Request user  Re-use existing tokens – SAML and Compact – with consent & token new elements – ‘appid’ and “Offer” 4 Redirect to 3rd party  Use Roles and Sharing for storing Permissions app w/ token  Scenarios that are enabled 5Post token to app  Supply auth mechanism for 3rd parties to call WL APIs – Facebook, match.com 6 Request user data  Exchange 14 calendar sharing w/ app token  Application authentication – Echoes 7 Return data for the  Existing WL services integrate easily user to the app  RPS Validates the App token, same as auth Token 8  RPS is configured to map the API to the “Offer” in the App render app token data to user 9  App can perform additional AuthZ checks if needed Renew  Basic flow token  App needs a token to access WL API 10 Request  Send user to a consent URL with identifier for “Offer” updated data consent is needed for 11 render data to  User grants consent and a token is return to the App user  App uses the token to make authenticated call WL API  Token has expiration. Can be renewed by the app if consent is still valid
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Client SDK Live Services Synchronizing Life • Integrate Desktop Applications to use Live ID • SDK provides a managed API • No need to worry about technical details of authentication – Live ID authentication manages this process • Not necessary to bother about storing
  • demo Live Services Synchronizing Life Desktop Client Auth Demo
  • Live Services Synchronizing Life Announced at PDC Windows Live ID OpenID Provider Embracing Open Standards
  • Windows Live ID OpenID Provider Live Services Synchronizing Life Microsoft is becoming an OpenID Provider (OP) Next Steps - Try the Live ID Use your Windows Live ID account OP 1. Set up a Live ID INT account: to https://setup.Live-INT.com/ sign-in to any OpenID 2.0 enabled 2. Set up OpenID alias: https:// What is OpenID? OpenID.Live-INT.com /beta/ Web site • “Open ID is a free and easy way to use a single ManageOpenID.srf digital identity across the Internet” 3. Users: Use OpenID 2.0 login Source: OpenID Foundation - http://openid.net/ • OpenID eliminates the need for multiple URI:OpenID.Live- usernames across different websites INT.com Key Implementation Details 4. Library developers: Test  Create interop with the Live ID OP OpenID Alias attached to your Live ID account endpoint  Authenticate 5. Web site owners: Test Live ID with alias + account credentials  Choice: Either global unique (public) or pair- wise anonymous (private) identifier returned to RP
  • OpenID Sign-in Request Live Services Synchronizing Life (URL decoded for readability) Don’t panic! The SDK libraries handle all this for you! • GET http://openid.live-INT.com/OpenIDAuth.srf – ?openid.mode=checkid_setup – &openid.identity=http%3a%2f%2fopenid.live-int.com%2fjthelin – &openid.ns=http%3a%2f%2fspecs.openid.net%2fauth%2f2.0 – &openid.claimed_id=http%3a%2f%2fopenid.live-int.com%2fjthelin – &openid.realm=http%3a%2f%2flocalhost%3a49413%2f – &openid.return_to=http%3a%2f%2flocalhost%3a49413%2flogin.aspx %3fReturnUrl%3d%252fDefault.aspx%26token%3dAbu8voGNbjk2%252fH %252bWGN4vgbrzsETS0aCY%252bCSc%252frV %252bo6kKaHR0cDovL2p0aGVsaW4ucGlwLnZlcmlzaWdubGFicy5jb20vDQ podHRwOi8vanRoZWxpbi5waXAudmVyaXNpZ25sYWJzLmNvbS8NCg0KaH R0cDovL3BpcC52ZXJpc2lnbmxhYnMuY29tL3NlcnZlcg0KMi4wDQo%253d – &openid.assoc_handle=d7d181a0-632e-11dd-ba82-f91efcd7aef7 • HTTP/1.1
  • OpenID Sign-in Response Live Services Synchronizing Life (URL decoded for readability) Don’t panic! The SDK libraries handle all this for you! • GET /login.aspx – ?ReturnUrl=/Default.aspx – &token=Abu8voGNbjk2/H+WGN4vgbrzsETS0aCY+CSc/rV +o6kKaHR0cDovL2p0aGVsaW4ucGlwLnZlcmlzaWdubGFicy5jb20vDQpodHRwOi8vanR oZWxpbi5waXAudmVyaXNpZ25sYWJzLmNvbS8NCg0KaHR0cDovL3BpcC52ZXJpc2lnbm xhYnMuY29tL3NlcnZlcg0KMi4wDQo= – &openid.assoc_handle=d7d181a0-632e-11dd-ba82-f91efcd7aef7 – &openid.response_nonce=2008-08-05T20:42:15ZiBs= – &openid.ns=http://specs.openid.net/auth/2.0 – &openid.mode=id_res – &openid.op_endpoint=http://openid.live-int.com/openidauth.srf – &openid.claimed_id=http://openid.live-int.com/jthelin – &openid.sig=kdXRyifqU0vd6H4kjgY5kgwmq4nN5ZhXBSck/bfLMDg= – &openid.identity=http://openid.live-int.com/jthelin – &openid.signed=assoc_handle,identity,response_nonce,return_to,claimed_id,op_end point – &openid.return_to=http%3a%2f%2flocalhost%3a49413%2flogin.aspx%3fReturnUrl%3d %252fDefault.aspx%26token%3dAbu8voGNbjk2%252fH%252bWGN4vgbrzsETS0aCY %252bCSc%252frV %252bo6kKaHR0cDovL2p0aGVsaW4ucGlwLnZlcmlzaWdubGFicy5jb20vDQpodHRwOi8
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • demo Live Services Synchronizing Life Live Contacts Enabling apps to be secure – Delegated Authentication
  • Agenda Live Services Synchronizing Life • LiveID OverView • Advantages and Drivers • Types of Authentication – WebAuth – DelAuth – ClientAuth • Contacts • Summary • Discussion
  • Summary – Windows Live ID Live Services Synchronizing Life • The biggest identity provider on the planet! • … but Live ID platform is much more than just the familiar login box • Various types of users and various authentication models are supported • Sign-in and Sign-up page customizations • Increasing focus on enabling federation and enterprise access to online services • Ease-of-use is always the goal ..... and the challenge!
  • Summary Live Services Synchronizing Life Live Identity Services Identity Integration Web Authentication Screen Customization Delegated Authentication Client Authentication Federated Authentication OpenID Support Core Principles Into the • Ease of use Future • Rich functionality • More ease of • Open and use – for users Standards-based • Personal + Easy and developers • More
  • Questions? Live Services Synchronizing Life Discussion Please use microphones
  • Live Identity Services Live Services Synchronizing Life Resources and links • Windows Live ID Developer Center - http://dev.live.com/liveid – Windows Live ID Articles on MSDN - http://go.microsoft.com/fwlink/?LinkId=111111 – Windows Live ID Documentation on MSDN - http://msdn2.microsoft.com/en-us/library/ bb404787.aspx – Windows Live ID Developer Forum - http://go.microsoft.com/fwlink/?LinkID=78146 – Windows Live ID Team Blog - http://winliveid.spaces.live.com • Windows Live ID Whitepapers – Introduction to Windows Live ID - http://msdn2.microsoft.com/en-us/library/ bb288408.aspx – Understanding Windows Live Delegated Authentication - http://msdn2.microsoft.com/ en-us/library/cc287613.aspx – Windows Live ID Federation - http://msdn2.microsoft.com/en-us/library/ cc287610.aspx • Windows Live ID Documentation and SDKs – Windows Live ID Web Authentication SDK Docs http://go.microsoft.com/fwlink/? LinkID=91762 Web Authentication SDK Samples http://go.microsoft.com/fwlink/?LinkID=91761 – Windows Live ID Delegated Authentication SDK Docs http://go.microsoft.com/fwlink/? LinkID=107420 Delegated Authentication SDK Samples http://go.microsoft.com/fwlink/?LinkId=107419 – Windows Live ID Client SDK download - http://go.microsoft.com/fwlink/?LinkId=86974 • Delegated Authentication Resource Providers List - http://go.microsoft.com/ fwlink/?LinkID=108535