Summary

By completing this hands-on lab you have learned how to:

• Use ACS for handling authentication in a Windows Phone 7 application.
• Consume an OData service from a Windows Phone 7 application using OAuth 2.
• Use Windows Identity Foundation to handle OAuth2-protected calls to a WCF OData service.
• Authorize calls to a WCF OData service according to types and values of incoming claims

Windows Phone 7 offers a powerful development platform. Nearly all modern applications require access to data and services available online, hence user authentication, secure service consumption and authorization are key success factors for mobile solutions.

The Windows Azure AppFabric Access Control Service can greatly simplify the task of handling user authentication also when developing for Windows Phone. Windows Identity Foundation can be used to secure via OAuth2 protocol OData and generic REST services with the same consistent model already well known for ASP.NET web sites and WCF services.

The exercise in this hands-on lab present a very common scenario, which you can easily extend by combining it with other solutions described in other hands on labs in the training kit. For example, by combining this lab with the one about using ACS with multiple business identity providers you can easily enable Active Directory authentication for phone applications: in fact, enabling that scenario would entail simply changing some ACS settings, there’s no need to change any of the code described here.

If you want to learn more about ACS and WIF please refer to the other labs in the training kit.