Web authentication broker (Windows Store apps)
The web authentication broker provides a set of APIs and the infrastructure for apps to use Internet authentication and authorization protocols such as OAuth and OpenID.
When an app calls the web authentication broker, the user gets a dialog box in which the necessary webpages are rendered to sign in. After the user completes those steps, the dialog box goes away and the user continues with the app.
The following diagram shows an example modal dialog box.
The single sign-on (SSO) mode of the web authentication broker APIs is provided to enable users to seamlessly authenticate to a single service across multiple Windows Store apps. The provider of the service must all the user to explicitly consent to that authentication, typically by providing a "Keep me logged in" option. The provider must also make it clear to the user how their identity is being used, typically by providing a link to a privacy statement from the logon page.
The web authentication broker provides the following benefits:
- An easy-to-use programming interface that frees the app developer from hosting a browser control within their own app.
- Integration of a provider's web page with a Windows 8 user interface. For more information for online providers, see Web authentication broker for online providers.
- User credentials that are isolated from the app.
- Native support for single sign-on with online providers. For more information, see the How Web authentication broker single sign-on works.
The web authentication broker is the broker or facilitator between your app and authentication.
The Web authentication broker enables single sign-on (SSO) by allowing persisted cookies (e.g. logon cookie) to live in a special purpose SSO app container.
This topic describes troubleshooting tips for using the Web authentication broker APIs for your web pages.
explain considerations for online identity providers to enable apps to connect.
- Web authentication broker sample
- Connecting to online identity providers
Build date: 11/28/2012