How to make possible single sign-in into my php app for Office 365 users?
I was reading a bit about Microsoft solutions and if I understood well I have to create account on Microsoft Azure AD and buy their services, right?
I found out that Azure AD supports SAML 2.0..
Does anyone did this before and can describe a process a bit more detailed for me? && what data I am receving in SAML response? =)
I am already familiar with SAML protocol and using it.. just not with Microsoft services and where to go to complete this..
Thanks!!
After whole day of digging found something:
http://azure.microsoft.com/en-us/documentation/articles/active-directory-php-web-single-sign-on/
I hope it will be useful for others who have similar question ;-)
Related
Currently I'm working on webapps and its VB code. I need to deploy it into Azure platform but I'm not sure about this 2 things. FYI, system that I developed don't have login page, which is based on current pc login username. So I retrieved current pc login username and check with my database whether current user allowed to use or not. When its in localhost, everything ok, I can retrieve username but when I deployed it to Azure it can't since I need to setup for Azure AD. But I'm a bit confused as my IT global ask me to do some codes to read from Azure AD. How to configure it with codes and also in Azure? Is there any difference between MSAL and SAML? Do I need to setup for both or should I just setup either one? I'm new in this so I don't know much of it. Hopefully someone can help me to solve it as I'm stuck for a month now. Thank you in advance.
P/S: My systems is in VBA codes, not in C# as I can see that many sample/example is in C# codes.
*Link with Azure AD and get user details like username/emails/etc once browse the webapps
SAML is a protocol used for authentication. A more contemporary protocol is OpenId Connect.
MSAL is a library that helps integrate your application with Azure AD.
I'd suggest you start with the Microsoft identity platform (Azure Active Directory for developers) and get yourself familiar with how to integrate your application successfully with Azure AD.
Some of the samples provided on that page teach how to make calls to Microsoft Graph, where you'd be able to get more details about the signed-in user.
I have trouble linking my B2C AAD to Azure Analysis Services. Is this even possible? If yes, what's the best way to build it in?
The documentation states "Azure Analysis Services supports Azure AD B2B collaboration" but doesn't mention B2C. Is there a workaround?
It is not listed in the release notes and a number of others have asked about this, so from what I can tell it does not appear to be supported. I have escalated your question to the Microsoft product group and will get back to you as soon as I have a definitive answer.
In the meantime you can make a feature request in User Voice. https://feedback.azure.com/forums/169401-azure-active-directory/category/160596-b2c
After scouring the internet, I've found a variety of answers to this question, but nothing is clear. With an Azure AD app, it looks like Yammer Delegate permissions are included so I would imagine that I could use then ADAL token from the app, to interact with Yammer APIs but have been running into issues. Has anyone else got this working? Is there any way to silently authenticate with yammer in SharePoint online?
The Yammer Delegate permissions are a preview feature. Long-term we plan to integrate fully with the O365 developer experience, but aren't quite there yet. Today, Yammer supports a number of scenarios that don't align with O365. Once the product better aligns it's going to be possible to provide much deeper integration (not just limited to developer APIs.) One limitation of the delegate permission is that it won't work with networks that are using Yammer Identity. Another is that some endpoints might not accept the tokens.
The supported authentication flows for Yammer are documented on the developer site and these support users with all authentication types for Yammer. With these APIs you'll end up juggling an additional Yammer-only token. It is possible to use impersonation to silently authenticate users without them being prompted to authorize the Yammer app. There is a blog post providing an overview of how this can be used in combination with the Yammer JS SDK, but the tokens could be used from other clients.
Is it possible to get my DocuSign developer account enabled with the SAML SSO option? I've contacted normal support and they told me to post here to see if the feature can be enabled on my account.
Jamie, I am sorry but you got wrong instructions from maybe an inexperienced Customer Service person. To configure SAML/SSO we need to get your PII and your account information. This is not a good forum for that. Please reach back to your Account Manager or Solution Engineer and they will help you.
Is this even possible? I want to build a small community site but do not want to use Live ID.
Sharepoint has an extensible authentication provider model, so you could use that to extend it to support openid.
See the OpenID membership provider project on CodePlex. This provides OpenID support for SharePoint.
If you're just looking for a windows-based community site framework, I'd suggest Community Server, which has a free license and built-in OpenID support.
http://communityserver.com/products/express/
Many people have already done this using DotNetOpenId with SharePoint.
There are some discussions on the dotnetopenid mailing list that cover this topic. Feel free to post your question there to get the responses of a few people there who have done it.
There are exists two solution that exactly meet your requirments:
SharePoint Claims Provider for SharePoint Claims Based Authentication that use Windows Live ID and other OpenID provider such as Google and yahoo.
it will allows you and your members sign in to your SharePoint site with any OpenID provider or Windows Live ID.
Check SharePoint Live Authentication here : http://www.shetabtech.com/english/SharePointLiveAuth