Post on 17-Feb-2017
Introduction to Azure Web Applications for Office and SharePoint Developers
@eshupps sharepointcowboywww.sharepointcowboy.com
slideshare.net/eshupps linkedin.com/in/eshupps
EricShuppsMicrosoftMVP
Agenda
Host Web
App WebAppPart
SP Hosted App
API’s
Web Site
SiteContents
Host Web
API’s
Azure WebSite
AppLauncher
Full Trust
Coverage
Capability
Integration
Familiarity
Add-Ins
Contextual
PHA/SHA
Extensibility
Framework
X-Platform
Customizations
Modern
Azure
Flexible
SSO
Multi-Tenant
Deployment
What Works What Doesn’t
BoundtosingleADdomainCannotbeaccessedbyotherdomainsSimplifiedauthorizationmodel
OwnedbysingleauthorizingdomainAccessiblebyanyAzureADdomainAuthorizedbyAzureadminforindividualdomainsAppownermustmanagetenantregistration
PermissionsAuthorizationAuthentication
DeveloperscannotmodifyloginexperienceUserinterfaceissuboptimal
AccesstoresourcesrequirespermissiondefinitionOAuthtokensforO365POSTtoappwithuser/tenantdetails
ApplauncherinO365Usersnotifiedofappavailabilityinalerts
Manifest:oauth2AllowImplicitFlow=trueTokenandauthorizationendpointsTenantID=“common”formulti-tenantWSFED“common”endpoint
Non-customizableconsentpageinMSFTdomain
GET: https://login.microsoftonline.com/common/oauth2/authorize?client_id={client ID}& response_type=token&redirect_uri={redirect URI}
ApplicationDelegated
Minimum:“Signinandreaduserprofile”Bewarepermissionlevelrestrictions
Exchange Yammer AzureADSharePointOnline PowerBI AzureManagementO365Management Skype
MAN
IFEST
VisualStudio2015templatesareincomplete
• Database• Tenants,IssuingAuthorityKeys,SignupTokens
• RegistrationModule• XMLResponseParser• TenantandUserInformation• Auth Tokens
• Federation,RealmandIdentityConfiguration• HTTPSRedirection• Sign-InPage(optional)
• AD Apps• SSL• DNS• SSO• Permissions• Multi-tenant
Configuration
•Servers, Networking, Authentication, Admin Access•Azure AD Premium*
Resources
• Admin Authorization• User/Group Assignment*
Distribution
https://github.com/eshupps/SPDemo.AzureAD.REST
http://www.slideshare.net/eshupps