OneNote: Developer Blog

Microsoft identity platform Azure AD

Microsoft identity platform at Ignite 2019

Hello Developers!

We’re thrilled to be at Microsoft Ignite in Orlando, FL this week engaging with our community of IT professionals and developers. We’re excited to be showing the latest improvements that we’re making to the Microsoft identity platform so it’s easier to develop apps that integrate with any Microsoft identity. Read on to learn more on how we’re continuing to improve the Microsoft identity platform and what we’re announcing this week at Ignite.

Microsoft Authentication Libraries available for more platforms

Just last month we announced that Microsoft Authentication Libraries (MSAL) for Android, iOS and macOS are generally available. And today, we’re announcing that MSAL for Python and Java are now in public preview. The Microsoft Authentication Libraries are the best way to integrate authentication into your applications and services for any Microsoft identity. By using our libraries your applications can begin to support single sign-on, advanced security features like Azure AD Identity Protection, passwordless authentication, and comply with Conditional Access policies implemented by IT. For developers that have existing applications that use Azure Active Directory Authentication Library (ADAL) we’ve made available detailed migration guidance so your applications can be upgraded to MSAL.

Application API is now generally available

To make it even easier and more scalable to manage your applications, the Application API in Microsoft Graph is now generally available. All the things you can do in the app registrations experience can also be done through Microsoft Graph. With the Application API you can register, update or even rotate application certificates and secrets at scale through Microsoft Graph. Additionally, the Application API allows you to build workflows and automation to streamline processes. Be sure to explore our documentation to learn about all the ways you can programmatically manage your applications.

Public preview of app registrations in Azure AD B2C tenants

We also brought the new app registrations experience in the Azure portal to Azure AD B2C tenants! The new experience, currently rolling out to public preview, shows you all your B2C app registrations and Azure AD app registrations in one place and gives you a consistent way to manage them. You can try it out by navigating to App registrations (Preview) in a B2C tenant. To learn more about how to get started, check out our documentation.

Microsoft Graph now includes all Azure AD Graph capabilities and more

It’s been quite a journey to bring all functionality that Azure AD Graph offers into Microsoft Graph. And today, we’re thrilled to announce that all functionality in Azure AD Graph is now available in Microsoft Graph! Over the past few months we’ve made managing OrgContacts, Cert-based auth configuration, Directory RBAC and more Azure AD APIs available in Microsoft Graph.

Moving forward all Azure AD features and new innovations will only be available on Microsoft Graph. We strongly recommend developers building new apps to use Microsoft Graph only and developers who have existing apps to migrate to Microsoft Graph. You can monitor the Azure AD capabilities that we add into Microsoft Graph in our changelog. We’re in the process of rolling out all Azure AD Graph capabilities into Microsoft Graph and expect all customers to be able to take advantage of these capabilities by the end of this month.

Improving our consent model

As part of making our consent experience easier and more flexible, we’ll be giving developers the ability to grant access to specific resources. This finer grained control helps administrators ensure that users within their tenants operate with least privilege. The ability to enable resource specific consent is now in preview for Microsoft Teams applications and we plan to expand this capability to other resources and scenarios.

We’ve also improved our admin consent experience so end users can quickly request consent to applications that you’re building.  The new admin consent experience allows users to request consent and to direct these requests to administrators so they can track app requests, act on these requests, and approve consent at an app level. With the new workflow, we’re helping end users seamlessly adopt applications while ensuring the applications they adopt adhere to organizational requirements.

Come talk to us at Ignite

If you’re attending Microsoft Ignite this year be sure to stop by our Microsoft identity platform sessions to learn more about what’s new and best practices when developing apps with the Microsoft identity platform.

And if you have any questions and are at Microsoft Ignite, be sure to swing by our booth in the Microsoft 365 Platform area!

-Microsoft identity platform team

 

filter-icon