Microsoft identity platform (v2.0) overview
Microsoft identity platform is an evolution of the Azure Active Directory (Azure AD) developer platform. It allows developers to build applications that sign in all Microsoft identities and get tokens to call Microsoft APIs, such as Microsoft Graph, or APIs that developers have built. The Microsoft identity platform consists of:
- OAuth 2.0 and OpenID Connect standard-compliant authentication service that enables developers to authenticate any Microsoft identity, including:
- Work or school accounts (provisioned through Azure AD)
- Personal Microsoft accounts (such as Skype, Xbox, and Outlook.com)
- Social or local accounts (via Azure AD B2C)
- Open-source libraries: Microsoft Authentication Libraries (MSAL) and support for other standards-compliant libraries
- Application management portal: A registration and configuration experience built in the Azure portal, along with all your other Azure management capabilities.
- Application configuration API and PowerShell: which allows programmatic configuration of your applications through REST API (Microsoft Graph and Azure Active Directory Graph 1.6) and PowerShell, so you can automate your DevOps tasks.
- Developer content: conceptual and reference documentation, quickstart samples, code samples, tutorials, and how-to guides.
For developers, Microsoft identity platform offers seamless integration into innovations in the identity and security space, such as passwordless authentication, step-up authentication, and Conditional Access. You don’t need to implement such functionality yourself: applications integrated with the Microsoft identity platform natively take advantage of such innovations.
With Microsoft identity platform, you can write code once and reach any user. You can build an app once and have it work across many platforms, or build an app that functions as a client as well as a resource application (API).
Working with identity doesn’t have to be hard. Choose a scenario that applies to you— each scenario path has a quickstart and an overview page to get you up and running in minutes:
- Build a single-page app
- Build a web app that signs in users
- Build a web app that calls web APIs
- Build a protected web API
- Build a web API that calls web APIs
- Build a desktop app
- Build a daemon app
- Build a mobile app
The following chart outlines common authentication app scenarios – use it as a reference when integrating the Microsoft identity platform with your app.
If you’d like to learn more about core authentication concepts, we recommend you start with these topics:
- Authentication flows and application scenarios
- Authentication basics
- Application and service principals
- Permissions and consent
- ID tokens and access tokens
Build a data-rich application that calls Microsoft Graph.
When you’re ready to launch your app into a production environment, review these best practices:
- Enable logging in your application.
- Enable telemetry in your application.
- Enable proxies and customize HTTP clients.
- Test your integration by following the Microsoft identity platform integration checklist.
If you’re planning to build a customer-facing application that signs in social and local identities, see the Azure AD B2C overview.