Sunday, December 7, 2008

Online Identity

Online Identity
  • Easing the pain of identity integration
  • James McCutcheon
  • nSquared
  • LiveID Overview
  • Advantages and Drivers
  • Types of Authentication: WebAuth; DelAuth; ClientAuth
  • Contacts
  • Summary
  • Discussion
Session objectives and takeaways
  • At the end of this session the audience should understand LiveID and how to sue it
  • Feel confident and comfortable to go and start creating apps that use LiveID.
Microsoft Identity Software + Services
  • One identity model that puts users in control of their identities
  • Flexibility via choice
  • Enhances Developer Productivity
  • Standards Based
  • Services: Live Identity
  • Software: Live Framework
  • Find & Locate: Live Search; Virtual Earth
  • Identity: LiveID
  • User Data: Contacts, Photos, App Storage
  • Notifications & Messaging: Messenger, Alerts, Agents
  • Infrastructure: Admin Centre; SilverLight Streaming
The Life of an App Developer
  • Operating Environment
  • Different authentication protocols; Different principal types = AuthN
  • Trust relationship management; Child account legal and parental controls; Account sign-up/management = On-boarding
  • Identity Provider availability and reliability; Anti-spam account detection = IdP QoS
  • = Identity “pain”
  • Business Logic
Live ID Identity Services Principles
  • Consumer + Enterprise
  • Federation friendly
  • Open & Standards-based
  • Rich functionality
  • Ease of use
  • = Above all: SECURE!
Steps to Identity Integration – APPA
  • A = Authentication (Auth Principles + Principle Types)
  • P = Policy (Trust relationships + Auth token policies)
  • P = Profile (Account registration + Membership DB)
  • A = Authorization (Claims + Roles + Access control)
Live Identity Services (Integration SDKs)
  • Web Application (Authentication)
    • Web site integration (co-branded user experience; open source samples in 7 languages – C#, VB, Java, Perl, PHP, ruby, Python)
    • Windows Live ID Web Authentication SDK (
  • Web Application (Delegation)
    • App provider accessing user data stored in Live Services (Open source samples in 7 languages)
    • Windows Live ID Deleted Authentication SDK
    • ASP.NET controls -> simplified integration (controls: IDLogin, IDLoginView, Contacts, SilverlightStreaming Media, Virtual Earth Maps)
    • Windows Live Tools
  • Windows Rich Client Application
    • Rich client applications (Windows Client OS)
    • Windows Live ID Client SDK
Everything needs an ID – Why LiveID?
  • You the end user don’t have to worry about setting up and maintaining the back end infrastructure required for AuthZ and AuthN
  • LiveID Services takes care of it for you
  • LiveID Services is always online, secure, backup and available
  • Based on Open standard and platform neutral
  • Easy to provision, access and use
  • Technology agnostic
  • Move seamless across multiple…
LiveID – Rich Functionality
  • Provides an identity platform
  • All delivered as Software + Services
  • Live Identity Services Web Authentication
  • Enabling apps to be secure
  • Azure Services Developer Portal
  • Create new project
  • Domain:
  • Return URL:
  • Receive new Application ID and Secret Key
  • Hosts file edit: =
  • Edit Web.config: appSettings: add key: wll_appid & wll_secret
  • Edit IDLoginStatus: ApplicationConfigKey & SecretConfigKey
Web Authentication Protocol Overview
  1. End User with web browser -> Relying Party Web Site e.g.
  2. Relay back to Windows Live ID Service
  • Windows Live ID Web authentication SDK Docs:
  • Windows Live Tools (IDLogin Status Control – ASP.NET)
  • Sign-in Screen Customization XML
  • Customizable Registration Screens
Live Identity Services Delegated Authentication
  • Enabling Data Portability
Delegated Auth Protocol Overview
  • Request Consent
  • Grant Consent
  • Using Consent (via token)
  • Refresh token
Client SDK
  • Integrate Desktop Applications to use Live ID
  • More…
PDC Announcement
  • Microsoft is becoming an OpenID Provider (OP)
Summary – Windows Live ID
  • The biggest identity provider on the planet
  • But LIVDE ID platform is much more than just the familiar login box
  • Various types of users and various authentication models are supported

No comments:

Post a Comment