Azure IssueTracker Enterprise - Simple Demos

Provisioning IssueTracker Enterprise:


  • There’s no direct interaction with Access Control Service. IssueTracker uses ACS API to create the scopes, rules and the issuer (Contoso).
  • The provisioning form captures all the required information to setup the trust relationship between Access Controls Service and the tenant (certificate, etc)



Tenant (Contoso_Enterprise) uses IssueTracker Enterprise from a Smart Client (Active Profile):


  • Tenant STS is configured:
    • Tenant name that must be the same as the name used in the provisioning form.

    • Signing certificate thumbprint: this is used internally to retrieve the certificate form the store. Thumbprint can be obtained from the certificate properties.


Tenant Manages IssueTracker Enterprise from PowerShell scripts:


  • PowerShell CmdLets are registered
  • Management User disables the application (passing a parameter to define reason)
  • Business User attempts to use the system, gets an error message (with the above reason)
  • Management user enables application back


Tenant changes STS configuration issuing different Claims:


  • Tenant changes one of the output claims to “Program Manager”. In the real implementation this could be a user moving from group in Active Directory to another
  • System rejects access as the claim is not recognized as input to any rule in ACS