Windows Azure Active Directory

Published: April 5, 2013

Updated: April 9, 2013

Windows Azure Active Directory is a service that provides identity and access capabilities for on-premises and cloud applications. Developers can use features of Windows Azure AD to:

• Implement single sign-on and single sign-off for enterprise applications and software as a service (SaaS) providers
  
  
• Query and manage cloud directory objects, such as users and groups, by using the Graph API
  
  
• Integrate with on-premises Active Directory to sync directory data to the cloud and enable single sign-on across on-premises and cloud applications
  
  

As a highly-available and highly-scalable service of Windows Azure, Windows Azure AD can be used to manage identities of both small and large organizations. It enables organizations to use their corporate credentials to authenticate to new or existing applications, factoring out the authentication process and eliminating the need for many different identities. Organizations that already use on-premise Active Directory can synchronize their identities with Windows Azure AD to provide seamless integration between on-premises and cloud resources.

Application developers can integrate their applications with Windows Azure AD to provide single sign-on functionality for their users. This enables enterprise applications to be hosted in the cloud and to easily authenticate users with corporate credentials. It also enables SaaS providers to provide easier authentication for users in Windows Azure AD organizations when authenticating to their services.

For general information about the Windows Azure AD service, see What is Windows Azure Active Directory?.

In This Section

Read the sections below to learn more about the features of Windows Azure AD and how it can be used for your organization and applications.

• Windows Azure Active Directory Scenarios and Solutions - Learn about the key scenarios and solutions for Windows Azure AD and how to implement them.
  
  
• Windows Azure Active Directory Tenant Administration - Learn how to administer your Windows Azure AD directory tenant, such as configuring on-premises integration, creating and managing accounts, and resolving issues with your service.
  
  
• Integrating Applications in Windows Azure Active Directory - Learn how to register and integrate an application with Windows Azure AD.
  
  
• Windows Azure Active Directory Authentication Protocols - Learn about the different authentication protocols that you can use to authenticate to Windows Azure AD, including WS-Federation, SAML 2.0, and OAuth 2.0.
  
  
• Windows Azure Active Directory Authentication Libraries - Learn about the code libraries you can use to easily authenticate to Windows Azure AD, including the Windows Azure Active Directory Authentication Library (ADAL).
  
  
• Authorization with Windows Azure Active Directory - Learn how to use user and group information in Windows Azure Active Directory to manage access to secured resources in your applications and services.
  
  
• Windows Azure Active Directory Graph - Learn about how to use the Graph API to programmatically manage directory entities such as users and groups in Windows Azure AD.
  
  
• Access Control Service 2.0 – Learn how to use ACS to authenticate users from Windows Azure AD and other identity providers to your applications and services.
  
  

Additional Resources

For Developers

Windows Azure AD Forum for Developers

For IT Professionals

Windows Azure AD Library on TechNet Windows Azure AD Forum for IT Professionals