Code Sample: Key Management

  • Article

This sample illustrates how to update expiring certificates and keys programmatically. It consists of a single Visual Studio 2010 solution and two projects. One project, Common, contains a helper type that simplifies working with the Management Service. The other project (KeyManagement) demonstrates the following:

  • How to import identity provider and relying party application metadata to Microsoft Azure Active Directory Access Control (also known as Access Control Service or ACS) using the ACS Management Service.

  • How to update ACS using the Management Service and Windows Identity Foundation to parse and extract the keys to be updated by emulating a metadata change on an identity provider or a relying party application.

The code for this sample is located in the KeyManagement subdirectory of the (C#\Management\KeyManagement) of the Microsoft Azure Active Directory Access Control (ACS) Code Samples package.

You can also update your certificates and keys using the ACS Management Portal. For more information, see Certificates and Keys Management Guidelines.

Prerequisites

To run this sample, you will need:

  1. An account at the Azure homepage and an Access Control namespace.

  2. Visual Studio 2010 (any version).

For more details, see ACS Prerequisites (https://go.microsoft.com/fwlink/?LinkId=221065).

Running the Sample

To run the sample

  1. Go to the Microsoft Azure Management Portal (https://manage.WindowsAzure.com), sign in, and then click Active Directory. (Troubleshooting tip: "Active Directory" item is missing or not available)

  2. To create an Access Control namespace, click New, click App Services, click Access Control, and then click Quick Create. (Or, click Access Control Namespaces before clicking New.)

  3. To manage an Access Control namespace, select the namespace, and then click Manage. (Or, click Access Control Namespaces, select the namespace, and then click Manage.)

  4. Click Management service and then click the default ManagementClient account. You will see a set of credentials that can be used to access the Management Service. In this sample, we will use the password credential.

  5. To view the password, click Password in the credential list.

  6. Copy the password into your clipboard.

  7. If you have not done so already, open the sample in Visual Studio.

  8. In the Common project, open the SamplesConfiguration.cs file, and locate the following lines of code:

    public const string ServiceNamespace = "...Copy Access Control Namespace..."; 
public const string ManagementServiceIdentityKey = "...Copy Management Service Password...";

  9. Update the value of the ServiceNamespace field with the name of your Access Control namespace.

  10. Update the value of the ManagementServiceIdentityKey field with the password value in your clipboard.

  11. Build the solution.

  12. With the ManagementServiceHelper configured, you can start the KeyManagement projects.