Slide deck from Azure Saturday Munich 2019. Describing basics of online identity management and federation. But also capabilities of Azure AD B2C - from open standards protocols support (like OAuth and OpenID Connect) to building complex identity flows with Identity Experience Framework
If you struggle with identity manager and the user sign-in experience for your consumer applications and websites; here we are going to take a closer look at the custom implementation of Azure AD B2C for one big banking product with thousands of users daily. Azure AD B2C is a service to help you reliably and securely maintain user accounts of the B2C applications. We show you the scenes of the developer's journey that made it possible, some solutions and how we connected existing web and mobile apps and allowed users to sign-in and use existing APIs painlessly.
Once you integrated with AD for one reason (SSO, one specific workload, etc), gaining access to the rest of the platform (other workloads, different dev stack, etc) is nearly free. Most common tasks take far less code and config than people think! Microsoft Graph makes it possible to do interesting things most people don’t realize, with less effort than anticipated. Come learn how to leverage what you've already done to drive additional business value at scale.
Slide deck from Azure Saturday Munich 2019. Describing basics of online identity management and federation. But also capabilities of Azure AD B2C - from open standards protocols support (like OAuth and OpenID Connect) to building complex identity flows with Identity Experience Framework
If you struggle with identity manager and the user sign-in experience for your consumer applications and websites; here we are going to take a closer look at the custom implementation of Azure AD B2C for one big banking product with thousands of users daily. Azure AD B2C is a service to help you reliably and securely maintain user accounts of the B2C applications. We show you the scenes of the developer's journey that made it possible, some solutions and how we connected existing web and mobile apps and allowed users to sign-in and use existing APIs painlessly.
Once you integrated with AD for one reason (SSO, one specific workload, etc), gaining access to the rest of the platform (other workloads, different dev stack, etc) is nearly free. Most common tasks take far less code and config than people think! Microsoft Graph makes it possible to do interesting things most people don’t realize, with less effort than anticipated. Come learn how to leverage what you've already done to drive additional business value at scale.
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy WalkthroughVinu Gunasekaran
Agenda:
Reviewing the Exercise – Collect a Loyalty Number from your Customers
Getting Started with Azure AD B2C Custom Policies
Setting up the Policy
Defining the Loyalty Number Claim
Configuring Profile Editing to Include the Loyalty Number
Configure Reading and Writing the Claim
Updating the User Journey
Relying Party Declaration Updates
In this month's call, Loki Meyburg, Program Manager for Microsoft Teams discusses single sign-on (SS0) in Microsoft Teams, including:
-What is single sign-on (SSO)
-Authentication in 2019
-Single sign-on for Teams tabs today!
-Getting starting with SSO
Watch the recording here - https://youtu.be/91Sb5lz3STI
Azure AD B2C Webinar Series: Custom Policies Part 1Vinu Gunasekaran
Agenda:
Introducing Custom Policies in Azure AD B2C
Custom Policy Components
Relying Party and User Journeys
Claims Definitions
Technical Profiles
Getting Started with Azure AD B2C Custom Policies
by Fritz Kunstler, Sr. AWS Security Consultant AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Implement Authorization in your Apps with Microsoft identity platform-June 2020Microsoft 365 Developer
Learn about the features of the Microsoft identity platform available to developers to implement authorization in their applications that developers have integrated with the platform. In this session, Kalyan Krishna (@kalyankrishna1), Identity Platform Program Manager covers four of these available options in detail: App roles, Security groups, Scopes and Directory roles.
Watch the recording: https://youtu.be/LRoc-na27l0
In May's Microsoft identity platform call, Navya Canumalla went into detail on MSAL Java and Python, including an overview, supported scenarios and calling patterns. Quickstart demo, token cache and ADAL to MSAL migration.
View recording https://youtu.be/yCCjNqFva9w
Resources:
MSAL Java https://aka.ms/msaljavadocs
MSAL Python https://aka.ms/msalpythondocs
Stay connected
Twitter https://twitter.com/microsoft365dev
YouTube https://aka.ms/M365DevYouTube
Blogs https://aka.ms/M365DevBlog
Single Page Apps bring a unique set of concerns to authentication and user management. Robert Damphousse, lead Javascript engineer at Stormpath, will show you how to use Stormpath to secure an Angular.js app with any backend: Java, Node, PHP, .NET and more!
Robert will deep dive into Angular.js authentication best practices and an extended technical example. Join us!
Topics Covered:
- Authentication in Single Page Apps (SPA)
- Using JWTs instead of Session IDs
- Secure Cookie storage
- Cross-Origin Resource Sharing
- Where does Stormpath fit in your architecture?
- End-to-end example with Angular.js + Express.js
- Password-based registration and login
- How to secure your API endpoints
- Implement User Authorization
- Design for a frictionless User Experience
Azure AD B2C Webinar Series: Custom Policies Part 2 Policy WalkthroughVinu Gunasekaran
Agenda:
Reviewing the Exercise – Collect a Loyalty Number from your Customers
Getting Started with Azure AD B2C Custom Policies
Setting up the Policy
Defining the Loyalty Number Claim
Configuring Profile Editing to Include the Loyalty Number
Configure Reading and Writing the Claim
Updating the User Journey
Relying Party Declaration Updates
In this month's call, Loki Meyburg, Program Manager for Microsoft Teams discusses single sign-on (SS0) in Microsoft Teams, including:
-What is single sign-on (SSO)
-Authentication in 2019
-Single sign-on for Teams tabs today!
-Getting starting with SSO
Watch the recording here - https://youtu.be/91Sb5lz3STI
Azure AD B2C Webinar Series: Custom Policies Part 1Vinu Gunasekaran
Agenda:
Introducing Custom Policies in Azure AD B2C
Custom Policy Components
Relying Party and User Journeys
Claims Definitions
Technical Profiles
Getting Started with Azure AD B2C Custom Policies
by Fritz Kunstler, Sr. AWS Security Consultant AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Implement Authorization in your Apps with Microsoft identity platform-June 2020Microsoft 365 Developer
Learn about the features of the Microsoft identity platform available to developers to implement authorization in their applications that developers have integrated with the platform. In this session, Kalyan Krishna (@kalyankrishna1), Identity Platform Program Manager covers four of these available options in detail: App roles, Security groups, Scopes and Directory roles.
Watch the recording: https://youtu.be/LRoc-na27l0
In May's Microsoft identity platform call, Navya Canumalla went into detail on MSAL Java and Python, including an overview, supported scenarios and calling patterns. Quickstart demo, token cache and ADAL to MSAL migration.
View recording https://youtu.be/yCCjNqFva9w
Resources:
MSAL Java https://aka.ms/msaljavadocs
MSAL Python https://aka.ms/msalpythondocs
Stay connected
Twitter https://twitter.com/microsoft365dev
YouTube https://aka.ms/M365DevYouTube
Blogs https://aka.ms/M365DevBlog
Single Page Apps bring a unique set of concerns to authentication and user management. Robert Damphousse, lead Javascript engineer at Stormpath, will show you how to use Stormpath to secure an Angular.js app with any backend: Java, Node, PHP, .NET and more!
Robert will deep dive into Angular.js authentication best practices and an extended technical example. Join us!
Topics Covered:
- Authentication in Single Page Apps (SPA)
- Using JWTs instead of Session IDs
- Secure Cookie storage
- Cross-Origin Resource Sharing
- Where does Stormpath fit in your architecture?
- End-to-end example with Angular.js + Express.js
- Password-based registration and login
- How to secure your API endpoints
- Implement User Authorization
- Design for a frictionless User Experience
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Vincent Biret
Slides supporting the session at the granite state user group meeting of January 2019. Talking as well about #Azure Active directory and lots of other things
SharePoint 2013 Apps and the App ModelJames Tramel
SharePoint 2013 Apps - deep dive. We'll look at they work, what they look like, what they do and how to us apps. Its all about the apps. Apps are good, very good.
Dirk-jan Mollema
How does one research the cloud? With solutions such as Azure AD and Office 365, the underlying platform architecture and designs are not publicly documented or accessible in the same way as on-premise. This makes analyzing the security of the platform harder for external researchers. In this talk I will explain the journey and discoveries of a year of trying to understand Azure AD, including the vulnerabilities discovered in the process. This ranges from gathering information about Azure AD via undocumented APIs to installing invisible backdoors and escalating privileges via limited roles or via the link with on-premise. While some of these vulnerabilities have been resolved, several of these are unintended consequences of Azure AD's architecture and thus are important to consider when evaluating the security of your Azure AD environment. A basic understanding of Azure AD, Office 365 and its terminology is assumed for this talk.
Azure AD App Proxy Login Scenarios with an On Premises Applications - TSPUGRoy Kim
A presentation at a technology meetup.
Roy Kim will walk through various access scenarios and capabilities using Azure AD services and features to access SharePoint 2013/2016 server. This will include a comparison between AD Connect + Azure Application Proxy to publish an internal SharePoint application and 3rd Party Auth0 to assist in federating Azure AD and SSO integration. And also the recently supported Azure AD SAML 1.1 Token.
Roy will go through a demo, its architecture, and commentary of pros and cons. At the end you will have a good understanding of the technology capabilities to determine supporting access and user management scenarios.
A "from the trenches" view into how GE is using federation standards to abstract & harden our growing cloud WAM platform. Topics covered: GE's approach to OpenID Connect for cross platform authentication (web, mobile), 2) GE's API management platform for API publishing, subscription & security, 3) how the two work together, 4) lessons learned & areas for improvement.
พบกับเซสชั่น "Microsoft Graph for Microsoft 365 and Power Platform" ในงาน Microsoft 365 Developer Bootcamp
- แนะนำ Microsoft Graph
- เรียนรู้การเรียกใช้งาน REST API เพื่อเข้าถึงข้อมูลบนบริการต่าง ๆ ของ Microsoft 365
โดยคุณแชมป์ Narisorn Limpaswadpaisarn (Microsoft Certified Trainer)
Overview of Azure AD
Deployment lessons from the real world
Outline items that can accelerate your deployment
Avoid things that can slow you down
Deep Dive on common technical challenges and how to overcome them
This is the presentation deck used during the event organized by Cloud Journey User Group on 06th March 2021 to know about the power of Microsoft Graph with focus on applications like Power Apps, Power Automate and dotnet core
Azure Networking, Azure Storage, Enterprise Azure Active Directory, Daemon or Server application authentication workflow, Worker processes, Daemon, Daemon application to Web API, Azure Active Directory in old azure portal, ASM, Azure active directory and Mutl-tenant applications, Sharding, Federation, Shared singe, RBAC, Differences between AAD and AD DS, Azure AD Subscription models, Azure Domain Names, Manage Users, Groups,Co-Admin Role, Default Azure Active Directory, Adding access to another azure subscription. Contributor, Owner , Roles in Azure Subscriptions, Roles, MFA, Multi-Factor Authentication, How does MFA works, Scenarios for Azure MFA, Setting up MFA in Azure AD, Setting MFA, Azure Authenticator, Hybrid AD solutions, AD DS, Federated Trust, Domain Controller, AD, AAD Connecter, AD FS, AAD, Active Directory Password synchronization, Benefits of Active Directory, Active Directory Replication, vulnerabilities with multiple Domain Controller, Azure AD features, Synchronization with AD Connect, Write-back policies, Azure AD Health COnnect, Installing Azure AD COnnect Health,Integrating Azure AD and SaaS Applications, Benefits of using SaaS Solutions with your products, Benefits of SaaS Solutions, Azure Marketplace, DropBox Integrations with AAD, New Relic Integrations, New Relic, Dropbox, Azure AD Enterprise Application, VSTS integration for Automated Builds, Federation Overview, Claims, Single Sign On, Federated Trusts, Claim based authentications, Federated trusts, Claims Processing, Web Application Proxy, ADFS Proxy, ADFS 2.0 Proxy, How does ADFS proxy works for internal users, How does ADFS proxy works for internal users,Azure AD B2C Directory, B2C applications, Business 2 Customers application, 3rd Party Authentication, Bearer Token, OAuth, 3rd Party Identity Provider, OAuth server, Azure AD B2C Authentication & Authorization, Implementing Azure AD B2C Directory, Setting up Single Sign On with Facebook, Google, Microsoft. Linkedin, SignUP Policies, SignIN Policies, Email SignUp, SignUpSignIN PolicyID, Configuring Application with Azure Application ID,Modern Applications, Requirements for Modern Apps, API, Logic Applications, Mobile App, Web App, Function App, Go To Market, Microsoft Application Platform, App Service Plan, App Service Environment - Private Infrastructure, Why use App Service, App service Features & Capabilities, Azure App Service, Virtual Machine, Service Fabric & Cloud Services Comparison, Creating a Mobile App, Swagger UI, API Apps, API management, API APPS & API Management, Implementing API APP via Visual Studio,
Introduction to the Microsoft identity platform for developersChristos Matskas
This deck gives you a quick tour of some of the important features in the Microsoft Identity Platform including Azure AD and B2C. We cover the why and the how to get started with the Microsoft identity platform to securely authenticate and authorize users in your apps - any platform, any language, any cloud.
Similar to Azure AD for browser-based application developers (20)
Future-proof Development for Classic SharePointBob German
This talk explains how to build headers and footers that work in both SharePoint "modern" (SharePoint Framework) and Classic pages. This work is from Julie Turner and me (Bob German)
For years, SharePoint has been positioned as a web development platform, but it’s hard to build modern websites using SharePoint’s rigid UI, which is rooted in decade-old WebForms technology. These solutions often break when SharePoint is upgraded, either in a migration from SharePoint 2013 to 2016, or really at any moment with SharePoint online! In this session, you’ll learn how to follow the patterns Microsoft uses in its NextGen portals and build your own modern application using SharePoint and Office 365 as a set of services. These solutions are responsive and can be developed using contemporary ASP.NET MVC technology. Content is stored in SharePoint or Office 365, and is enhanced through the machine learning in Office Graph. You’ll even learn how to include your own line-of-business data without the need for complex BCS configurations. Join us and learn to make your own Next Generation portal backed by SharePoint and Office 365!
Search First Migration - Using SharePoint 2013 Search for SharePoint 2010Bob German
This presentation reviews the differences between SharePoint 2010 Enterprise Search, FAST Search, and SharePoint 2013 Search. It then presents three approaches for using SharePoint 2013 to search SharePoint 2010 as part of a "Search First" migration.
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?XfilesPro
Worried about document security while sharing them in Salesforce? Fret no more! Here are the top-notch security standards XfilesPro upholds to ensure strong security for your Salesforce documents while sharing with internal or external people.
To learn more, read the blog: https://www.xfilespro.com/how-does-xfilespro-make-document-sharing-secure-and-seamless-in-salesforce/
In software engineering, the right architecture is essential for robust, scalable platforms. Wix has undergone a pivotal shift from event sourcing to a CRUD-based model for its microservices. This talk will chart the course of this pivotal journey.
Event sourcing, which records state changes as immutable events, provided robust auditing and "time travel" debugging for Wix Stores' microservices. Despite its benefits, the complexity it introduced in state management slowed development. Wix responded by adopting a simpler, unified CRUD model. This talk will explore the challenges of event sourcing and the advantages of Wix's new "CRUD on steroids" approach, which streamlines API integration and domain event management while preserving data integrity and system resilience.
Participants will gain valuable insights into Wix's strategies for ensuring atomicity in database updates and event production, as well as caching, materialization, and performance optimization techniques within a distributed system.
Join us to discover how Wix has mastered the art of balancing simplicity and extensibility, and learn how the re-adoption of the modest CRUD has turbocharged their development velocity, resilience, and scalability in a high-growth environment.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
Code reviews are vital for ensuring good code quality. They serve as one of our last lines of defense against bugs and subpar code reaching production.
Yet, they often turn into annoying tasks riddled with frustration, hostility, unclear feedback and lack of standards. How can we improve this crucial process?
In this session we will cover:
- The Art of Effective Code Reviews
- Streamlining the Review Process
- Elevating Reviews with Automated Tools
By the end of this presentation, you'll have the knowledge on how to organize and improve your code review proces
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
Prosigns: Transforming Business with Tailored Technology SolutionsProsigns
Unlocking Business Potential: Tailored Technology Solutions by Prosigns
Discover how Prosigns, a leading technology solutions provider, partners with businesses to drive innovation and success. Our presentation showcases our comprehensive range of services, including custom software development, web and mobile app development, AI & ML solutions, blockchain integration, DevOps services, and Microsoft Dynamics 365 support.
Custom Software Development: Prosigns specializes in creating bespoke software solutions that cater to your unique business needs. Our team of experts works closely with you to understand your requirements and deliver tailor-made software that enhances efficiency and drives growth.
Web and Mobile App Development: From responsive websites to intuitive mobile applications, Prosigns develops cutting-edge solutions that engage users and deliver seamless experiences across devices.
AI & ML Solutions: Harnessing the power of Artificial Intelligence and Machine Learning, Prosigns provides smart solutions that automate processes, provide valuable insights, and drive informed decision-making.
Blockchain Integration: Prosigns offers comprehensive blockchain solutions, including development, integration, and consulting services, enabling businesses to leverage blockchain technology for enhanced security, transparency, and efficiency.
DevOps Services: Prosigns' DevOps services streamline development and operations processes, ensuring faster and more reliable software delivery through automation and continuous integration.
Microsoft Dynamics 365 Support: Prosigns provides comprehensive support and maintenance services for Microsoft Dynamics 365, ensuring your system is always up-to-date, secure, and running smoothly.
Learn how our collaborative approach and dedication to excellence help businesses achieve their goals and stay ahead in today's digital landscape. From concept to deployment, Prosigns is your trusted partner for transforming ideas into reality and unlocking the full potential of your business.
Join us on a journey of innovation and growth. Let's partner for success with Prosigns.
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...informapgpstrackings
Keep tabs on your field staff effortlessly with Informap Technology Centre LLC. Real-time tracking, task assignment, and smart features for efficient management. Request a live demo today!
For more details, visit us : https://informapuae.com/field-staff-tracking/
Why React Native as a Strategic Advantage for Startup Innovation.pdfayushiqss
Do you know that React Native is being increasingly adopted by startups as well as big companies in the mobile app development industry? Big names like Facebook, Instagram, and Pinterest have already integrated this robust open-source framework.
In fact, according to a report by Statista, the number of React Native developers has been steadily increasing over the years, reaching an estimated 1.9 million by the end of 2024. This means that the demand for this framework in the job market has been growing making it a valuable skill.
But what makes React Native so popular for mobile application development? It offers excellent cross-platform capabilities among other benefits. This way, with React Native, developers can write code once and run it on both iOS and Android devices thus saving time and resources leading to shorter development cycles hence faster time-to-market for your app.
Let’s take the example of a startup, which wanted to release their app on both iOS and Android at once. Through the use of React Native they managed to create an app and bring it into the market within a very short period. This helped them gain an advantage over their competitors because they had access to a large user base who were able to generate revenue quickly for them.
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
A Comprehensive Look at Generative AI in Retail App Testing.pdfkalichargn70th171
Traditional software testing methods are being challenged in retail, where customer expectations and technological advancements continually shape the landscape. Enter generative AI—a transformative subset of artificial intelligence technologies poised to revolutionize software testing.
top nidhi software solution freedownloadvrstrong314
This presentation emphasizes the importance of data security and legal compliance for Nidhi companies in India. It highlights how online Nidhi software solutions, like Vector Nidhi Software, offer advanced features tailored to these needs. Key aspects include encryption, access controls, and audit trails to ensure data security. The software complies with regulatory guidelines from the MCA and RBI and adheres to Nidhi Rules, 2014. With customizable, user-friendly interfaces and real-time features, these Nidhi software solutions enhance efficiency, support growth, and provide exceptional member services. The presentation concludes with contact information for further inquiries.
Listen to the keynote address and hear about the latest developments from Rachana Ananthakrishnan and Ian Foster who review the updates to the Globus Platform and Service, and the relevance of Globus to the scientific community as an automation platform to accelerate scientific discovery.
Exploring Innovations in Data Repository Solutions - Insights from the U.S. G...Globus
The U.S. Geological Survey (USGS) has made substantial investments in meeting evolving scientific, technical, and policy driven demands on storing, managing, and delivering data. As these demands continue to grow in complexity and scale, the USGS must continue to explore innovative solutions to improve its management, curation, sharing, delivering, and preservation approaches for large-scale research data. Supporting these needs, the USGS has partnered with the University of Chicago-Globus to research and develop advanced repository components and workflows leveraging its current investment in Globus. The primary outcome of this partnership includes the development of a prototype enterprise repository, driven by USGS Data Release requirements, through exploration and implementation of the entire suite of the Globus platform offerings, including Globus Flow, Globus Auth, Globus Transfer, and Globus Search. This presentation will provide insights into this research partnership, introduce the unique requirements and challenges being addressed and provide relevant project progress.
Globus Compute wth IRI Workflows - GlobusWorld 2024Globus
As part of the DOE Integrated Research Infrastructure (IRI) program, NERSC at Lawrence Berkeley National Lab and ALCF at Argonne National Lab are working closely with General Atomics on accelerating the computing requirements of the DIII-D experiment. As part of the work the team is investigating ways to speedup the time to solution for many different parts of the DIII-D workflow including how they run jobs on HPC systems. One of these routes is looking at Globus Compute as a way to replace the current method for managing tasks and we describe a brief proof of concept showing how Globus Compute could help to schedule jobs and be a tool to connect compute at different facilities.
Gamify Your Mind; The Secret Sauce to Delivering Success, Continuously Improv...Shahin Sheidaei
Games are powerful teaching tools, fostering hands-on engagement and fun. But they require careful consideration to succeed. Join me to explore factors in running and selecting games, ensuring they serve as effective teaching tools. Learn to maintain focus on learning objectives while playing, and how to measure the ROI of gaming in education. Discover strategies for pitching gaming to leadership. This session offers insights, tips, and examples for coaches, team leads, and enterprise leaders seeking to teach from simple to complex concepts.
3. Azure ACS Azure AD v1 Endpoint Azure AD v2 Endpoint Azure AD B2C
Federation with “social”
accounts (Google,
Facebook, Microsoft, etc)
Azure AD only “Unified” Azure AD +
Microsoft accounts
Federation with “social”
accounts (Google,
Facebook, Microsoft, etc)
Static consent model Static consent model Dynamic consent model Static consent, admins
only
Program with ADAL Program with MSAL Program with MSAL
Deprecated – will be
turned off November
2018*
Easy to write your own
services
Limitations when building
your own services
Highly scalable
Highly customizable
No “on behalf of” flow
Register in Azure Service
Bus (or in SharePoint for
add-ins and S2S)
Register in Azure Portal,
PowerShell etc.
New app registration
portal
Azure Portal B2C
Apps can be single or
multi-tenant
All apps are multi-tenant
(for now)
4. On-premises AD federation
Multi-factor authentication
B2B federation
Azure subscriptions
Office365
Your apps
Multi-tenant
partner apps
Daemon applications
Web browsers
Native applications
Application
gallery
Synchronise users
from your AD DS
Consent model
Conditional access
Self-service password, group mgmt
5. Azure AD Key Concepts
App Registration
• Application ID – uniquely identifies an app
• App Secret – effectively the password for app
“service account”; not used w/implicit flow
• Redirect URI – used to direct responses back to
your app
• More depending on the flow you plan to use
Resources – e.g. https://graph.windows.net or your
app’s GUID – These are apps secured with Azure AD -
not to be confused with ARM resources
Scopes – e.g. Directory.Read
These are permissions that are specific to each
resource
6.
7. • Unique identifier for an instance of Azure ADTenant ID, Directory ID
• Unique identifier for an application
App ID, Application ID,
Client ID
• Password used to authenticate the application
App Secret, App Key,
Client Secret
• App registration applied to a service, possibly in
another tenant
Enterprise Application,
Service Principal
8.
9. App type
Who can
consent
Effective
Permissions
Delegated Permissions
(Get access on behalf of users)
App Permissions
(Get access as a service)
Mobile, Web and Single page app
Service and Daemon
Elevate permissions
Users can consent
for their data
Admin can consent
for them or for all users
Only admin
can consent
App
permissions
User
permissions
App
permissions
Application permissionDelegated permission (user permission)
10. OAuth 2.0
When calling from Use this flow Permission
Browser Web service Implicit Flow User
Web service Web service On-Behalf-Of Flow User
Daemon or Web Service Web
Service
Client Credentials Flow App
Native application Web Service Authorization Code Flow
(client obtains auth code then access
token; SSO scenarios; client does not
handle user passwords)
or
User Credentials Flow
(client passes username and password)
User
14. The Challenge
API keys in the browser
can be stolen by anyone
using the browser’s built-
in developer tools
15. Azure Function Proxies
• Light-weight API management
• Change URL, manipulate request and
response
• Inherits the configuration of your Function
App – including “EasyAuth”
18. Troubleshooting Checklist
1. Does it work in Postman?
NOTE: Postman’s client credential flow does not work
with Azure AD; make the call manually!
2. Is the App ID correct?
3. Is the App Secret correct? Expired? Did you recently
make a major change to the App registration that
might invalidate the App Secret?
4. Are permissions correct? Are you using the right kind
of permission (App permissions for client credentials
flow; Delegated for everything else!)
5. Have you pressed the “Grant” button to grant
permission?
6. In your Auth URL are you referencing the right
resource (the one you plan to access?)
7. Are you using Implicit flow, and if so, is
allowImplicitFlow set in the app manifest?
19. Resources Sample code
https://link.bobg.tv/ImplicitFlow
“30 Days Graph” with article
explaining sample code
https://link.bobg.tv/30DaysGraph
Azure AD Documentation
https://link.bobg.tv/AAD-Docs
Microsoft Graph Explorer
https://link.bobg.tv/MSGraphExplorer
Extending SharePoint with ADAL
and MS Graph API (Julie Turner)
https://link.bobg.tv/SPADAL
Call MS Graph API tutorial (SPA)
https://link.bobg.tv/JSMSAL
Editor's Notes
You can build amazing user experiences with modern web technology, but to make it useful you almost always need to call web services. Many of these services, such as the Microsoft Graph and custom Web APIs, require an Azure AD access token. That sounds easy, but it's often very confusing to developers who are new to it. Other web services need only an API key, which is easily stolen by anyone who knows how to use the browser's developer tools.
In this session you'll learn the essentials for using Azure AD from your browser-based code. You'll learn about the different Azure AD endpoints - a point of confusion for sure - and when to use them. Then for each one, you'll learn how to register your client application and how to get that all important access token. As a bonus, you'll learn how to create your own Azure AD secured services and use an Azure Function Proxy to hide API keys for other services so they use Azure AD instead of an easily copied key value. Don't miss this quick, practical session that will get you consuming Azure AD web services in no time!
DEMO SETUP:
- VS Code
- http-server
- chrome – localhost:8080
- firefox – Azure portal
- Postman
“There is nothing permanent except change” – Heraclitus
“The beginning of wisdom is the definition of terms” – Plato
“A rose by any other name would smell as sweet” – Shakespeare
Microsoft Build 2017
Most useful in SharePoint: - Implicit flow on web pages - Client credentials flow for background jobs or elevating privileges in a web service
Microsoft graph began with people in the directory. People, groups, and relationships (e.g. a manager, a group member)
Then content like files
Then conversations in Skype 4 Biz, email, teams, online meetings; even conversations in Word comments
Then insights gathered by learning from all that information
Demo the site
V1 and V2 registrations – show:
- permissions
- implicit flow
- reply URLs
Code walk-through
Postman
- Show API key
Azure portal - function app
- Show proxy
- Show easy auth
Postman
- Show AAD auth