Slides related to the talk I gave @ SharePoint Days, Munich. The talk includes: 1. Multi-tenant application architecture 2. Multi-tenant database design 3. Authentication towards Azure AD (with OpenID Connect) 4. Access to Office Graph API (with OAuth) 5. Insights into the process of publishing provider hosted apps to Office Store

1. MULTI-TENANT
PROVIDER HOSTED
APPS
From Idea to Office Store
Biserka Cvetkovska

2. BISERKA CVETKOVSKA
SharePoint & Office365 Specialist
@biserka_
biserkacvetkovska.com
biserka.cvetkoska@agitavit.com

3. INTRODUCTION TO MULTI-TENANT
PROVIDER HOSTED APPS

4. THE SHAREPOINT APP (ADD-IN) MODEL
• It came along with SharePoint 2013
• 4 terms to simplify the understanding of SharePoint
• Site
• People
• Apps
• Themes
• Benefits
• Initial core functionalities stay intact by custom solutions
• Cloud-ready solutions
• Openness

5. PROVIDER HOSTED APPS

6. MULTITENANCY
• The same version of the app is installed on multiple tenants
• Why should you develop multi-tenant apps?
• Easy to maintain
• Easily managed upgrades
• No different versions of the app to take care of
Multi-tenant provider hosted apps

7. DEVELOPMENT OF MULTI-TENANT
PROVIDER HOSTED APPS

8. DEVELOPMENT TOOLS AND TEMPLATES
• Tools required for SharePoint apps development
• MS Visual Studio v2013+
• MS Azure SDK for .NET
• Microsoft Office Developer Tools
• OOB SharePoint app template
• SharePoint App  SharePoint Project
• Remote Web App  ASP.NET MVC Web Project
• Web API in case of an extendibility in the future (with native mobile
app in mind)

9. MULTI-TENANT DATABASE ARCHITECTURE

10. DATA ACCESS IN A MULTI-TENANT APP
• Entity Framework
• Code First
• Creating tables on demand
• “Fixing” EF to work with a multi-tenant database

11. IDENTITY MANAGEMENT IN A MULTI-TENANT APP
• Identity management is hard. There are too many things to worry about
• Storing passwords and secrets
• Dealing with different parameters that work with different identity providers
• Preventing prompts for credentials
• …
• Integration with Azure AD
• OpenID Connect
• ADAL (Azure Directory Authentication Library)

12. OPENID CONNECT & ADAL - A TALE OF FRIENDSHIP

13. PROVISIONING MULTI-TENANT APPS IN AZURE AD
• Multi-tenant apps that enable authentication towards Azure AD must be
registered in
• Your company’s AD &
• Each organization’s AD that will be using the app
• Register your app by implementing a consent flow
• Only global administrators can consent
• Consent & give permissions to the app so it can access resources in your Azure AD

14. CONSENT FLOW FOR MULTI-TENANT APPS

15. DEMO

16. PUBLISHING THE APP TO OFFICE
STORE

17. OFFICE STORE
• Introduced to contribute to the simplicity of the App Model
• Benefits
• For users
• Simple & fast installation of apps
• Increasing productivity through apps that suit your needs
• For developers
• Great opportunity to promote your work
• Get feedback from your users
• Get paid through the Store
• Publish your app to Office Store
• How does the process go?

18. “OPEN CREATIVITY. STRONGER COMMUNITY.”
• The app model makes SharePoint to be more accessible for both users
and developers
• In addition makes the community even stronger
• Not just the SharePoint community but the Web community in general
• With Office Store and technologies (such as SPFx) that are yet to come,
MS finally set SharePoint on the right path

19. THANK YOU

20. BISERKA CVETKOVSKA
SharePoint & Office365 Specialist
@biserka_
biserkacvetkovska.com
biserka.cvetkoska@agitavit.com