Identity Management in Active Directory

The information on this site is designed to help developers understand the claims-based identity model and Microsoft’s vision and solution for an interoperable federated identity platform. This platform is comprised of the following key components:

Windows Azure Authentication Library

The Windows Azure Authentication Library (AAL) enables client application developers to easily authenticate users to Windows Azure Active Directory (AAD) or other identity providers, and then obtain access tokens for securing API calls. AAL also enables service developers to secure their resources by providing validation logic for incoming tokens.

Windows Azure Active Directory Graph

Windows Azure AD Graph provides programmatic access to Windows Azure Active Directory (AD) through REST API endpoints. Using Windows Azure AD Graph, developers can execute create, read, update, and delete operations on Windows Azure AD objects such as user or group.

Windows Azure Access Control Service

Windows Azure Access Control Service (ACS) is a cloud-based service that provides an easy way of authenticating and authorizing users to gain access to your web applications and services while allowing the features of authentication and authorization to be factored out of your code.

Windows Identity Foundation

Windows Identity Foundation (WIF) enables .NET developers to externalize identity logic from their application, improving developer productivity, enhancing application security, and enabling interoperability. WIF is now a part of the .NET Framework, and has been updated for .NET 4.5.

Active Directory Federation Services

Active Directory Federation Services (ADFS) enables you to use single sign-on to authenticate users to multiple, related Web applications over the life of a single online session.

Getting Started

Identity Management Technologies

Digital Identity for .NET Applications: A Technology Overview

This overview provides a broad introduction to digital identity for .NET architects and developers. After describing a few fundamental concepts, it walks through the major Windows identity technologies and how they can be applied. The goal is to help anyone who works in the .NET world understand and make better decisions about digital identity in their applications. By David Chappell.

System.DirectoryServices Namespace

Active Directory Federation Services

  • Active Directory Federation Services on Microsoft TechNet
    Based on WS-* specifications, ADFS provides Web single-sign-on technologies and a federated identity management solution for securely sharing digital identity and entitlement rights across security and enterprise boundaries.
  • Step-by-Step Guide for AD FS

    Learn how to set up AD FS in a test lab environment. This guide walks you through the setup of a claims-aware application and a Windows NT token–based application on an AD FS-enabled Web server.


    Visit the SDK to learn about the AD FS API namespaces.

WCF Security

  • Improving Web Services Security

    Learn how to design and implement authentication and authorization in WCF through end-to-end application scenarios. Improve the security of your WCF services through prescriptive guidance, including guidelines, Q&A, practices at a glance, and step-by-step how-to guides.