SIA 322 Windows Azure Active Directory Graph API

Edward Wu, Sr Program Manager, Microsoft Corporation

Diagram labels: Administration (Admin Portal; Scripting, PowerShell); On Premises Active Directory; PowerShell; Windows Azure Active Directory; Synch; Multi Tenant Environment; LDAP; Kerberos; Applications; New Applications
  • Divided into Tenants
  • Typed objects. Example: Users, Groups, Contacts, Roles, Licenses
  • Relationships: Member/Member of, Manager/Direct reports

<Service root>/<resource path>[?Query string options]
https://directory.windows.net/contoso.com/Users?$filter=DisplayName eq 'Adam Barr'

https://directory.windows.net/$metadata
https://directory.windows.net/contoso.com/TenantDetails
https://directory.windows.net/contoso.com/Users
https://directory.windows.net/contoso.com/Groups
https://directory.windows.net/contoso.com/Roles
https://directory.windows.net/contoso.com/Contacts
https://directory.windows.net/contoso.com/SubscribedSkus

Example of filters
?$filter=City eq 'Redmond'
?$filter=GivenName eq 'Adam' and Surname eq 'Barr'
?$filter=Surname ge 'Jackson' and Surname le 'Jz'

Response body: JSON or XML
HTTP Response Code

Request: https://directoryppe.windows.net/Pharma.Sales.info/Users('Adam.Barr@Pharma.Sales.info')

Returned JSON user object

{"d": {
  "__metadata": {
    "id": "https://directoryppe.windows.net/Pharma.Sales.info/Users('User_d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c')",
    "uri": "https://directoryppe.windows.net/Pharma.Sales.info/Users('User_d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c')",
    "type": "Microsoft.Online.DirectoryApi.User"
  },
  "Manager": {"__deferred": {"uri": "https://directoryppe.windows.net/Pharma.Sales.info/Users('User_d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c')/Manager"}},
  "DirectReports": {"__deferred": {"uri": "https://directoryppe.windows.net/Pharma.Sales.info/Users('User_d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c')/DirectReports"}},
  "MemberOf": {"__deferred": {"uri": "https://directoryppe.windows.net/Pharma.Sales.info/Users('User_d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c')/MemberOf"}},
  "ObjectId": "d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c",
  "ObjectReference": "User_d7aadc28-a2ea-4c0e-aabe-f13c675b3e9c",
  "ObjectType": "User",
  "AccountEnabled": true,
  "AssignedLicenses": {"__metadata": {"type": "Collection(Microsoft.Online.DirectoryApi.AssignedLicense)"}, "results": []},
  "AssignedPlans": {"__metadata": {"type": "Collection(Microsoft.Online.DirectoryApi.AssignedPlan)"}, "results": []},
  "City": "Redmond",
  "Country": "US",
  "Department": null,
  "DirSyncEnabled": null,
  "DisplayName": "Adam Barr",
  "FacsimileTelephoneNumber": null,
  "GivenName": "Adam",
  "JobTitle": null,
  "LastDirSyncTime": null,
  "Mail": null,
  "Mobile": null,
  "OtherMails": {"__metadata": {"type": "Collection(Edm.String)"}, "results": []},
  "PasswordPolicies": "None",
  "PhysicalDeliveryOfficeName": null,
  "PostalCode": "98052",
  "PreferredLanguage": null,
  "ProvisionedPlans": {"__metadata": {"type": "Collection(Microsoft.Online.DirectoryApi.ProvisionedPlan)"}, "results": []},
  "ProvisioningErrors": {"__metadata": {"type": "Collection(Microsoft.Online.DirectoryApi.ProvisioningError)"}, "results": []},
  "ProxyAddresses": {"__metadata": {"type": "Collection(Edm.String)"}, "results": []},
  "State": "WA",
  "StreetAddress": "One Microsoft Way",
  "Surname": "Barr",
  "TelephoneNumber": "425-882-8080",
  "UsageLocation": "US",
  "UserPrincipalName": "Adam.Barr@Pharma.Sales.info"
}}

/Manager
https://Directory.windows.net/Contoso.com/Users('Bob@Contoso.com')/Manager
Diagram labels: Bob, Adam

/DirectReports
https://Directory.windows.net/Contoso.com/Users('Adam@Contoso.com')/DirectReports
Diagram labels: Sue, Jim

/MemberOf
https://Directory.windows.net/contoso.com/Users('Jill@Contoso.com')/MemberOf
Diagram labels: Jill, US Sales Team

US Sales Team

/MemberOf
https://directory.windows.net/contoso.com/Groups('Group_1a9f7ab7-4292-414e-ad33-11dc679f364c')/MemberOf

/Members
https://directory.windows.net/contoso.com/Groups('Group_1a9f7ab7-4292-414e-ad33-11dc679f364c')/Members

Diagram labels: Bob, Sue, Jim, Jill; Global Sales Team (US Sales, Europe)
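
Added example (not from the original slides): a Python sketch that assembles query URLs in the `<Service root>/<resource path>[?Query string options]` form shown earlier, quoting `$filter` values as OData string literals so a value containing `'` cannot change the filter expression. The function names and the allow-lists are hypothetical; they contain only the resources, properties and operators that appear on the slides.

```python
import re
from urllib.parse import quote

SERVICE_ROOT = "https://directory.windows.net"       # service root shown on the slide
RESOURCES = {"Users", "Groups", "Roles", "Contacts"}  # resource paths listed on the slide
FILTER_PROPS = {"DisplayName", "City", "GivenName", "Surname"}  # properties in the slide's filters
FILTER_OPS = {"eq", "ge", "le"}                       # operators in the slide's filters


def odata_string(value):
    """Return value as an OData string literal; an embedded ' is escaped by doubling it."""
    return "'" + value.replace("'", "''") + "'"


def build_filter(clauses):
    """Join (property, operator, value) clauses with 'and', rejecting unknown names."""
    parts = []
    for prop, op, value in clauses:
        if prop not in FILTER_PROPS or op not in FILTER_OPS:
            raise ValueError(f"unsupported filter clause: {prop} {op}")
        parts.append(f"{prop} {op} {odata_string(value)}")
    return " and ".join(parts)


def build_query_url(tenant, resource, clauses):
    """Assemble <service root>/<tenant>/<resource>?$filter=... with the filter percent-encoded."""
    if not re.fullmatch(r"[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+", tenant):
        raise ValueError("tenant must be a plain DNS name")
    if resource not in RESOURCES:
        raise ValueError(f"unknown resource: {resource}")
    encoded = quote(build_filter(clauses), safe="")
    return f"{SERVICE_ROOT}/{tenant}/{resource}?$filter={encoded}"


if __name__ == "__main__":
    # Constructed inputs; the second value contains quotes and stays a single literal.
    print(build_query_url("contoso.com", "Users",
                          [("GivenName", "eq", "Adam"), ("Surname", "eq", "Barr")]))
    print(build_query_url("contoso.com", "Users", [("City", "eq", "x' or City ne 'y")]))
```
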

http://www.odata.org

Diagram labels: Application; OAuth Endpoint; REST Front End; Directory
  • Request JWT token (pass input claims)
  • Return token
  • HTTP Request with JWT Token
  • Validates ACS token
  • Authorization Check

Navigating the REST interface Sample Application

Titus Paul Reid

Over 300 Enterprise Customers Across All Industries: Government, Healthcare, Transportation, Energy & Utilities, Banking, Retail, Insurance, Telecom, Military, Chemical & Petroleum
2 Million TITUS Users

HTTP Request: Get Group Members of Engineering, With Token
Windows Azure AD Engineering Group: Derek, Ed, Anna
HTTP Response with Engineering Group Memberships: Derek, Ed

Optimal IDM Michael Brengs

Mike.Brengs@optimalidm.com
http://www.optimalidm.com

LDAP Virtual Directory

Partner: Orcas Consulting
Name: Jeremy Palenchar
Title: Partner
Company: Orcas Consulting
jeremyp@orcasconsulting.com

Announcing: Graph API Management Agent for FIM 2010 from Orcas Consulting
Email: sales@orcasconsulting.com

Diagram labels: Azure AD pre-production tenant; Import; On-Prem FIM 2010; Salesforce.com; Export; orcas development tenant; In Cloud

demo Graph API Management Agent for FIM 2010

  • Easy to consume data using OData for .NET
  • Very little custom code for MA implementation
  • Authentication tested using symmetric and PKI (asymmetric) tokens

POST /Contoso.com/Users HTTP/1.1
Host: directory.Windows.net
Content-Type: application/json; odata=verbose
Authorization: Bearer ey1287Z………
X-ms-dirapi-contract-version: 0.5

Bob.Jones@contoso.com

http://msdn.microsoft.com/en-us/library/hh974476.aspx
www.office365.com

Diagram labels: Admin Portal; PowerShell; On Premises Active Directory; Windows Azure Active Directory; Synch; Multi Tenant Environment; LDAP; Kerberos; Applications; Your Applications
  • Divided into Tenants
  • Typed objects. Example: Users, Groups, Contacts, Roles, Licenses
  • Relationships: Member/Member of, Manager/Direct reports

  • SIA 209 A Lap Around Windows Azure Active Directory, Monday
  • SIA 205 Running AD on Windows Azure VM, Monday
  • OSP 321 Active Directory Integration with Microsoft Office 365, Tuesday
Find Me Later: at the Party and Online

MSDN Documentation: Windows Azure AD Graph API
http://msdn.microsoft.com/en-us/library/hh974476.aspx
Preview Sample Application download link
http://go.microsoft.com/fwlink/?LinkID=95732&clcid=0x409
