Windows Azure Active Directory (AD) Graph API and Hybrid Cloud Identity
Scott Guthrie mentioned the Graph API in his keynote (01:03:10). There is also a drill-down session at TechEd by Ed Wu:
Session Code: SIA322
Directory Graph API: Drill Down
Thursday, June 14 at 4:30 PM - 5:45 PM in S310E
This session introduces the new Directory Graph API, a REST-based API that enables access to Windows Azure Active Directory (Directory for Office 365 Tenants and Azure customers). We review the data directory model, the Graph API protocol (based on OData V3 protocol), how authentication and authorization are managed, and demonstrate an end-to-end scenario. We walk through sample code calling the Directory Graph API. A roadmap is also reviewed. #TESIA322
With the introduction of the Graph API, the hybrid (public/private) cloud identity story becomes even better:
- Deploy your app anywhere – Windows Server, Windows Azure.
- Manage your identity anywhere – Windows Server AD or Windows Azure AD, and they sync!
- Authenticate and query a user’s profile from on-prem/private and public cloud.
Consider the following high-level model to help embrace the idea of hybrid cloud organization identity:
- Windows Azure Security Guidance – Focus on Identity and Access
- Office 365 With Federated Authentication, Identities In Active Directory
- Windows Azure Active Directory on MSDN