Identity, SSO, authentication, and authorization

 SSO corporate authentication and authorization, Azure Active Directory, and Active Directory Federation Services Active Directory provides an industry-leading identity server, both in the cloud and on-premises, through Azure Active Directory (Azure AD) and Active Directory Federation Services (AD FS). Developers can securely authenticate, authorize, access information in Active Directory and can take advantage of device-level SSO and MFA capabilities, along with storage through the powerful Active Directory Authentication Library (ADAL), which is available for all major native and cross-platform mobile and server-side technologies. In addition, Intune MAM features include the ability to force authentication against Active Directory for any app, further enhancing an enterprise’s ability to control access to sensitive apps and data. Additionally, products like Azure Active Directory Identity Protection help security-conscious organizations implement Microsoft Identity as a Service (IDaaS) solutions with confidence.

 Internet authentication social authentication providers Azure App Service Authorization provides a unified, simplified mechanism for authenticating against Azure AD, Facebook, Twitter, Google, and Microsoft account—from not only services and web apps, but also mobile apps, through the use of Azure Mobile Apps libraries, plug-ins, and SDKs for Android, iOS, Windows, Xamarin, and Cordova. The common interface means that developers are abstracted from provider interface changes and will be able to instantly take advantage of new auth providers as they come online in the service. Azure AD now also has a preview of B2C support, giving you the ability to manage sign-ins, using credentials from Facebook, Google, LinkedIn, Amazon, and Microsoft account, and to take advantage of the same power of Azure AD available for enterprise accounts. It is currently in preview for Android, iOS, and Windows native apps, with other technologies coming soon.

 Role-based access control (RBAC), Rights Management Azure AD and AD FS are essential directories for configuring RBACs for mobile apps. Organizations can establish specific roles that have access to an app through Active Directory groups that can then be validated by using the Active Directory Graph API. In addition to app-level access controls, the broad ADAL support for server-based technologies like .NET and Node.js make it possible for organizations to further enhance their security by using these same capabilities to provide or restrict access to specific server-side data sources. In the cloud, Azure Mobile Apps can further streamline the process of getting up and running with RBACs through the use of features like Easy Tables that set up the entire infrastructure needed while still enabling developers to implement customized authorization controls. Finally, Azure Rights Management is a comprehensive cloud service with which you can implement tight role-based controls to Microsoft Office, SharePoint, and OneDrivepersisted data that extends to apps using Office APIs to access data.

Source Of Information : Microsoft Platform and Tools for Mobile App Development