Microsoft 身分識別平台 (v2.0) 概觀Microsoft identity platform (v2.0) overview

Microsoft 身分識別平台是 Azure Active Directory (Azure AD) 開發人員平台的演化。Microsoft identity platform is an evolution of the Azure Active Directory (Azure AD) developer platform. 它可讓開發人員建置應用程式以登入所有 Microsoft 身分識別,並取得權杖以呼叫 Microsoft Graph 等 Microsoft API,或開發人員所建置的 API。It allows developers to build applications that sign in all Microsoft identities and get tokens to call Microsoft APIs, such as Microsoft Graph, or APIs that developers have built. Microsoft 身分識別平台包含:The Microsoft identity platform consists of:

  • OAuth 2.0 和 OpenID Connect 符合標準的驗證服務,可讓開發人員驗證任何 Microsoft 身分識別,包括:OAuth 2.0 and OpenID Connect standard-compliant authentication service that enables developers to authenticate any Microsoft identity, including:
    • 工作或學校帳戶 (透過 Azure AD 佈建)Work or school accounts (provisioned through Azure AD)
    • 個人 Microsoft 帳戶 (例如 Skype、Xbox 及 Outlook.com)Personal Microsoft accounts (such as Skype, Xbox, and Outlook.com)
    • 社交或本機帳戶 (透過 Azure AD B2C)Social or local accounts (via Azure AD B2C)
  • 開放原始碼程式庫:Microsoft 驗證程式庫 (MSAL) 和其他符合標準的程式庫支援Open-source libraries: Microsoft Authentication Libraries (MSAL) and support for other standards-compliant libraries
  • 應用程式管理入口網站:Azure 入口網站內建的註冊和設定體驗,以及所有其他 Azure 管理功能。Application management portal: A registration and configuration experience built in the Azure portal, along with all your other Azure management capabilities.
  • 應用程式設定 API 和 PowerShell:可讓應用程式透過 REST API (Microsoft Graph 和 Azure Active Directory Graph 1.6) 和 PowerShell 以程式設計方式進行設定,以便您將 DevOps 工作自動化。Application configuration API and PowerShell: which allows programmatic configuration of your applications through REST API (Microsoft Graph and Azure Active Directory Graph 1.6) and PowerShell, so you can automate your DevOps tasks.
  • 開發人員內容:概念和參考文件、快速入門範例、程式碼範例、教學課程及操作指南。Developer content: conceptual and reference documentation, quickstart samples, code samples, tutorials, and how-to guides.

對於開發人員,Microsoft 身分識別平台會提供身分識別和安全性空間創新的無縫整合,例如無密碼驗證、設定驗證和條件式存取。For developers, Microsoft identity platform offers seamless integration into innovations in the identity and security space, such as passwordless authentication, step-up authentication, and Conditional Access. 您不需要自行實作這類功能:與 Microsoft 身分識別平台整合的應用程式可以原生方式利用這類創新。You don’t need to implement such functionality yourself: applications integrated with the Microsoft identity platform natively take advantage of such innovations.

透過 Microsoft 身分識別平台,您可以撰寫程式碼一次並觸及任何使用者。With Microsoft identity platform, you can write code once and reach any user. 您可以建置應用程式一次並讓它在許多平台上運作,或建置可當作用戶端以及資源應用程式 (API) 的應用程式。You can build an app once and have it work across many platforms, or build an app that functions as a client as well as a resource application (API).

開始使用Getting started

使用身分識別一點都不難。Working with identity doesn’t have to be hard. 選擇您適用的案例 — 每個案例路徑都有快速入門和概觀頁面,可讓您在短短幾分鐘內啟動並執行:Choose a scenario that applies to you— each scenario path has a quickstart and an overview page to get you up and running in minutes:

下圖概述常見的驗證應用程式案例 – 整合 Microsoft 身分識別平台與您的應用程式時,使用此圖作為參考。The following chart outlines common authentication app scenarios – use it as a reference when integrating the Microsoft identity platform with your app.

Microsoft 身分識別平台中的應用程式案例Application scenarios in Microsoft identity platform

後續步驟Next steps

如果您想要深入了解核心驗證概念,建議您從下列主題著手:If you’d like to learn more about core authentication concepts, we recommend you start with these topics:

建置資料豐富的應用程式以呼叫 Microsoft GraphBuild a data-rich application that calls Microsoft Graph.

當您準備好在生產環境中啟動應用程式時,請檢閱下列最佳做法:When you’re ready to launch your app into a production environment, review these best practices:

深入了解Learn more

如果您打算建置可登入社交和本機身分識別的客戶面向應用程式,請參閱 Azure AD B2C 概觀If you’re planning to build a customer-facing application that signs in social and local identities, see the Azure AD B2C overview.