Microsoft Identity Platform

Full Title

Microsoft Identity Platform allows sign in with a Microsoft personal or work account.

AKA Microsoft Graph in early 2021 as a replacement for Azure AD Graph.

Context

• Aspnet Core Web API Quickstart

Problems

• The package Microsoft.Identity.Web requires that a new trusted signer key is added to nuget.config (2020-10-06). The following command fixed this.

nuget.exe trusted-signers Add -Name Microsoft2021 -CertificateFingerprint AA12DA22A49BCE7D5C1AE64CC1F3D892F150DA76140F210ABD2CBFFCA2C18A27 -FingerprintAlgorithm SHA256

Install and Run

Run the following command in PowerShell to open port 5000 of board:

 netsh advfirewall firewall add rule name=”ASP.NET Core Web Server port” dir=in action=allow protocol=TCP localport=5000

User Application Development

• Since this platform is based on OpenID Connect (OIDC) user applications are considered to be clients ins the sense described in OAuth 2.0.
• Apps first call PublicClientApp = PublicClientApplicationsBUilder.Create(ClientID).{other options}.Build().
• call PublicClientApp,GetAccountsAsync() and pick one of the proffered accounts.

Registration

• The Microsoft Graph API offers a single endpoint, https://graph.microsoft.com, to provide access to rich, people-centric data and insights in the Microsoft cloud, including Microsoft 365, Windows 10, and Enterprise Mobility + Security.

References

• Microsoft Identity Web authentication library 2020-10-09
• Widows Hardware Developer for windows hello. Shows how to add biometric device drivers.
• microsoft.idenity.web on Github
• Widows Hello aka Passport. Windows Hello is the name Microsoft has given to the new biometric sign-in system built into Windows 10.
• Create a Windows Hello login app using UWP & XAML