This workshop will walk you through different security scenarios – SPAs, micro services (Service Fabric), PaaS exposure (public APIs for integration), coupled legacy projects, testing of the aforementioned, etc. We will fall in the decision tree of OAuth grant types, go for OpenId Connect, dive into Azure AD and Azure B2C excellence and limitations and get users there with Graph API (which one?). We will provide granular claims-based authorization on both app and user level. Single Sign-On/Single Sign-out experience for end users will be achieved. An automation scenario for testing back-end APIs will be shown. Tips for automated provisioning of both services and tenants will be discussed. All this diversity of scenarios and technologies will stick together in a sustainable architecture in Azure cloud.
Key Takeaways: