Windows Identity Foundation Simplifies User Access for Developers

Windows Identity Foundation enables .NET developers to externalize identity logic from their application, improving developer productivity, enhancing application security, and enabling interoperability. Enjoy greater productivity, applying the same tools and programming model to build on-premises software as well as cloud services. Create more secure applications by reducing custom implementations and using a single simplified identity model based on claims. Enjoy greater flexibility in application deployment through interoperability based on industry standard protocols, allowing applications and identity infrastructure services to communicate via claims.

News:

  • Announcing the WIF Extension for SAML 2.0 Protocol! A CTP release that includes the extension and samples is now available here. Read more about this announcement in the WIF team's blog post.
  • New version of Windows Azure Access Control has been released to production and is now generally available at http://windows.azure.com. The new version of the Access Control service represents a major step forward from the previous production version, introducing support for web application single sign-on (SSO) scenarios using WS-Federation, federation for SOAP and REST web services using WS-Trust and OAuth, and more. In addition, a new web-based management portal and OData-based management service are now available for configuring and managing the service.
  • Updated Claims Based Architecture whitepaper now available
  • Single Sign-On from Active Directory to a Windows Azure Application Whitepaper published to the AD FS 2 Step-by-Step collection
  • End-to-end sample that uses the Azure Access Control Service and a WIF extension for the OAuth 2.0 protocol posted. Read more in this blog.

Windows Identity Foundation is part of Microsoft's identity and access management solution built on Active Directory that also includes:

  • Active Directory Federation Services 2.0: a security token service for IT that issues and transforms claims and other tokens, manages user access and enables federation and access management for simplified single sign-on.
  • Windows Azure Access Control Services: an easy way to add identity and access control to web applications and services, while integrating with standards-based identity providers, including enterprise directories such as Active Directory®, and web identities such as Windows Live ID, Google, Yahoo! and Facebook.

Getting Started

Identity Management Technologies

Digital Identity for .NET Applications: A Technology Overview

This overview provides a broad introduction to digital identity for .NET architects and developers. After describing a few fundamental concepts, it walks through the major Windows identity technologies and how they can be applied. The goal is to help anyone who works in the .NET world understand and make better decisions about digital identity in their applications. By David Chappell.

System.DirectoryServices Namespace

  • Introduction to System.DirectoryServices.ActiveDirectory

    This whitepaper introduces you to using S.DS.AD, in the .NET Framework 2.0, to perform Active Directory and AD LDS (formerly ADAM) management tasks.

  • Introduction to System.DirectoryServices.Protocols

    S.DS.P, in the .NET Framework 2.0, provides raw LDAP access, meaning that it is designed specifically to reach beyond Active Directory and AD LDS (formerly ADAM) to other LDAP compliant directories. Therefore, if you plan to use .NET managed code against other LDAP directories, a great place to focus is on S.DS.P. A code sample accompanies the paper.

  • System.DirectoryServices.AccountManagement Namespace Overview

    System.DirectoryServices.AccountManagement is a namespace in the Microsoft .NET Framework 3.5 that provides uniform access and manipulation of security principals across multiple principal stores. S.DS.AM manages directory objects independent of the System.DirectoryServices namespace.

  • Managing Directory Services Principals in the .NET Framework 3.5

    In this MSDN Magazine article, learn how to use the new System.DirectoryServices.AccountManagement namespace, designed specifically for managing security principals. A code sample accompanies the article.

  • System.DirectoryServices Namespace

    A drill-down into the DirectoryEntry and DirectorySearcher classes, their properties and methods. These allow you to work with AD, ADAM, and diverse directories on a network using a single interface.

Active Directory Federation Services

  • Active Directory Federation Services on Microsoft TechNet

    Based on WS-* specifications, ADFS provides Web single-sign-on technologies and a federated identity management solution for securely sharing digital identity and entitlement rights across security and enterprise boundaries.

  • Step-by-Step Guide for AD FS

    Learn how to set up AD FS in a test lab environment. This guide walks you through set-up of a claims-aware application and a Windows NT token–based application on an AD FS-enabled Web server.

  • AD FS SDK

    Visit the SDK to learn about the AD FS API namespaces.

WCF Security

  • Improving Web Services Security

    Learn how to design and implement authentication and authorization in WCF through end-to-end application scenarios. Improve the security of your WCF services through prescriptive guidance including guidelines, Q&A, practices at a glance, and step-by-step how-to guides.