4.25 out of 5
4.25
52 reviews on Udemy

Office365 and AzureAD for Developers

Understand the fundamental AzureAD concepts necessary for calling Office365 APIs, 3rd party APIs, and custom APIs
Instructor:
Sahil Malik
1,504 students enrolled
English [Auto-generated]
Write apps for AzureAD
Write apps for Office 365
Understand all auth related concepts and scenarios

Developing for Office365 is figuring out Azure AD, and mostly REST queries. The REST queries are the easy part. But a proper understanding of how Azure AD works from a developer’s perspective is the more important part. Whether you are developing for Office 365 or not, as your organization embraces the cloud, a solid understanding of developer concepts in Azure AD is necessary. This course provides hands on explanations of all the AzureAD scenarios you need to know as a developer, followed by tying that knowledge in Office 365 APIs and the Microsoft Graph. Lots of hands on examples and code in this course.

Introduction

1
History of SharePoint

A brief history of SharePoint explaining how we got where we are.

2
Developer Choices for the Office365 developer

Developing for Office 365 today is full of a perplexing list of choices. Which one of these is the right tool for the right job? And how about on-premises to cloud migration? This module is an introduction to the various choices you as a developer face.

3
Structure of this course

Given the various choices, I have chosen to emphasize certain choices over others. Also, I have given a lot of focus to AzureAD since mastering that is key in understanding Office 365 APIs. Here I introduce how I have structured this course, and why.

WSPs or Solution Packages

1
What are solution packages?

A high level introduction to what a solution package is, and the difference between a sandbox solution and a farm solution. If you are quite familiar with SharePoint development, feel free to skip this section.

2
Writing and Deploying a solution package

The process of writing a simple solution package, and how much of it applies to Office 365.

SharePoint Add-ins also known as Apps

1
An introduction to Apps

What are SharePoint apps, now known as SharePoint Addins?

2
Advantages of the App Model

Keeping your custom code outside of SharePoint has unique advantages, and is necessary for Office 365. Here we look at why buying into the App Model can be advantageous for you.

3
What am I going to talk about

Apps is a big topic, but Office 365 APIs is a superior architecture. Apps will mature further, but in their current incarnation they have some serious shortcomings. Based on that, what coverage will I give to this topic, and why.

4
SharePoint Apps - Golden Rules

The golden rules or guiding principles of the App Model that are absolutely critical to understand.

5
Kinds of Apps

SharePoint apps or addins can be classified in multiple ways based on different criterion. Here I talk about the different kinds of SharePoint apps.

6
Setting up your environment for Apps

Developing or running apps requires some unique changes to your dev environment. Here I talk about how to setup your environments to run SharePoint apps.

7
What I will and wont cover as Demos

Time to see some code, but apps is not the focus of this course. Still it is worth mentioning for knowledge completion purposes. So what specific scenarios will I show, and how can you learn the rest.

8
Writing a SharePoint hosted app

A SHA runs entirely in SharePoint. Here I demonstrate how to write it, and how to host it. And I mention the limitations too.

9
Writing an AppPart

An AppPart or ClientWebPart is an Iframe that pretends to be a webpart. It has some serious limitations, but solves some scenarios. Here I talk about how to write an AppPart and the various challenges it presents.

10
An introduction to Provider Hosted Apps

PHAs are very powerful, but also more complex to deploy. They have some unique differences between on-premises and Office365, and here I will introduce you to PHAs.

11
Writing a Provider Hosted App

Here I demonstrate how to write a provider hosted app, and how you can deploy it on-premises and in Office 365

Introduction to Azure AD and Office 365 APIs

1
Office 365 APIs and Microsoft Graph

Why did we need Office 365 APIs and what is Microsoft Graph and why is it so important.

2
What is Azure AD

Azure AD is not your dad's on-premises AD. Why did we need a new concept, what does it buy us, and what is it's value?

3
Why not just use on-prem AD?

On-Premises AD has some serious limitations, and AzureAD is quite different from it.

4
Different ways to setup Azure AD

AzureAD is very flexible, and is designed to suit the needs of every enterprise, small, medium or large. What are those scenarios and how does it affect you the developer?

5
Azure AD for Developers

As a developer, what can you do with Azure AD?

6
ADAL or Active Directory Authentication Libraries

What is ADAL, why has Microsoft created it, how can you obtain it, and why I highly recommend that you use it?

7
Registering your Apps

AzureAD needs to know about your app for your app to be able to make use of it. What does it mean when I say "registering your app", and what information does AzureAD need and why?

8
Single Tenant vs Multi Tenant

What is tenancy, why should you care, and how does AzureAD help you here?

9
Various dev. scenarios to learn

As a developer interested in AzureAD, there are many dev. scenarios to learn. Here I describe the list of those scenarios, how they apply to Office 365, and then subsequently in rest of the course I will be covering each one of those.

Setting up AzureAD

1
Setting up Azure AD without Office 365

Office 365 uses AzureAD, but AzureAD can be used completely independent of Office365. Here I setup the AzureAD tenancy I will be using through rest of the course, you should setup one for yourself too.

2
A royal tour of AzureAD features

Once you have setup AzureAD, what facilities does it offer, and where can you find them?

3
Adding a user in Azure AD

Here we add a test non-admin user in our tenancy, which we will use at various places in the course.

4
Managing Azure AD using PowerShell

PowerShell enables you to script admin AzureAD and exposes numerous facilities not visible through the UI. Here I show how you can manage AzureAD (Office 365 included) using PowerShell

5
Using AzureAD with Office365

AzureAD and Office365 are joined at the hip. In this course, I will demonstrate concepts using both with and without Office365. So here we learn how to access the AzureAD behind Office365.

Web Browsers accessing Web Applications secured by AzureAD

1
Description of Scenario

An explanation of what I mean by Web Browser accessing web applications secured using AzureAD

2
Authentication Protocol Flow

Understanding all those redirects and postbacks between browser and web application and AzureAD that make all this possible.

3
Token Expiration

How web applications secured by AzureAD are supposed to handle expiring sessions and tokens.

4
Demo: A sample MVC application

Here we dive into a demo, where I write up a simple MVC application that we will protect using AzureAD

5
Demo: Nuget packages for adding AzureAD Authentication

For every scenario there are some Nuget packages we will use. Here we add the nuget packages for securing a web application

6
Demo: Setting up Auth using OWIN startup

Here we use the OWIN startup.cs to bootstrap authentication in our MVC application

7
Demo: Adding OpenIDConnect sign in and sign out

We add functionality to allow the user to easily sign in and out using a web browser click into our web application.

8
Demo: Register your web app in AzureAD

We go through the process of registering our app in AzureAD portal and what information we need to provide.

9
Demo: Running our App

We are able to run our web application running on-premises, authenticated by AzureAD and we are able to sign in and out.

10
Examining OpenID connect parameters

Understanding how OpenID authentication works via browser posts, and the various parameters being passed.

JavaScript SPA (single page app) accessing AzureAD protected APIs

1
Description of scenario
An explanation of what I mean by "SPA", and what exactly will I be showing here
2
Authentication Protocol Flow

SPA's use a unique authentication protocol flow called OAuth2 Implicit Grant Protocol. Here we understand how that flow works, and it's unique strengths and limitations.

3
ADAL.js

An introduction to the Active Directory Authentication Library for JavaScript

4
OAuth2 Implicit Grant Protocol

A deeper look into the limitations and strengths of the OAuth2 Implicit Grant Protocol.

5
Session management without refresh tokens

SPAs accessing APIs protected by AzureAD do not have the luxury of using refresh tokens.What are refresh tokens? And what is a SPA supposed to do then?

6
Renewing access tokens

How does a SPA using ADAL.js renew access tokens if it has no refresh tokens?

7
Single Tenant vs. Multi Tenant

What differences does your application need to consider if it is a SPA accessing WebAPIs and it may need to work under either single tenant or multi tenant setups.

8
Demo: Creating our API without authentication

Here we dive into building an example demonstrating ADAL.js being used in SPAs accessing WebAPIs secured using AzureAD. The first step, is to build a sample API, without using any authentication to start with.

9
Demo: Creating the SPA, without any authentication

Nnext we use AngularJS to write up a simple application that attempts to access the WebAPI we just wrote. Remember there is no authentication involved yet.

10
Demo: Adding support for CORS

Our SPA when trying to access the WebAPI fails because our WebAPI does not support CORS. Here we add support for CORS.

11
Demo: Securing our API using AzureAD

Our app should work without authentication at this point, so lets protect our WebAPI using AzureAD.

12
Demo: Registering our WebAPI in AzureAD

After adding AzureAD authentication support in code, lets register our WebAPI in AzureAD so AzureAD secures it.

13
Demo: Securing the JavaScript SPA using ADAL.js

Next we enhance our SPA to secure itself using AzureAD using ADAL.js. It's all about the access token at the end of the day.

14
Demo: Registering the SPA in AzureAD

Merely writing the code isn't enough, we also need to register it in AzureAD and enable that oAuth2 allow implicit flow thing.

15
Demo: Setting permissions for our SPA

The SPA won't be able to access the API unless it has permissions to do so. Here we set the permissions in AzureAD.

16
Demo: Enhancing the application using ADAL.js

With our SPA registered and permissions granted, lets enhance our application to use ADAL.js to sign in/sign out and make authenticated calls.

17
Demo: Running the application

With our application written, lets run it and examine how it works and how ADAL.js behaves at runtime.

18
Demo: Decrypting JWT tokens

The access token is just a JWT token. What information does it contain and how can we decrypt it? Do we need to validate it?

19
Demo: ADAL local resources

A behind the scenes look of how ADAL.js stores and manages sessions and access tokens etc.

JavaScript SPA (single page app) accessing Microsoft Graph

1
An overview of Microsoft Graph

What is the Microsoft Graph and what is it capable of?

2
Demo: Creating a Microsoft Graph SPA

We start by modifying the previous SPA we wrote in the previous section to instead target the Microsoft Graph.

3
Demo: Registering your SPA in Office365 AzureAD

We have written our SPA, but Office 365 needs to know about it, and maybe even trust it, plus there are those pesky permissions we need to worry about.

4
Demo: Enabling OAuth2 Implicit Flow

Just like our non-Office365 counterpart, we need to enable implicit flow here too.

5
Demo: Granting Permissions to access Microsoft Graph

Your app cannot call Microsoft graph unless you give it the rights to do so.

6
Demo: Running and Debugging your SPA

Our application running as a JavaScript SPA website successfully being able to call Microsoft Graph.

7
Demo: Office 365 SharePoint pages as Microsoft Graph SPAs

Why bother with AppParts when your pages can work as SPAs? We take the same SPA we wrote, and run it as a SharePoint page instead. Now I don't want to hear complaints about Office 365 doesn't have a good dev story.

Native apps accessing AzureAD protected APIs

1
Description of scenario

An explanation of what exactly do I mean by "Native app" and how is that different from what we have seen so far.

2
OAuth 2.0 Authorization Code Grant

Native Apps use the OAuth 2.0 authorization code grant. So naturally we need to start by introducing this important player.

3
Authentication Protocol Flow

How do Native apps use the OAuth2.0 authorization code grant, and how is it uniquely different from JavaScript SPAs

4
Single Tenant vs. Multi Tenant

Native app specific considerations when it comes to tenancy.

5
Demo: Setting up the Web API

Lets start writing the native app talking to the web api, but we are going to need an Azure protected web api first. Lets get that out of the way first. This is shockingly simple as you'll see.

6
Demo: Writing the Native App

Next we add a native app into the project and set it's overall structure up. No authentication or AzureAD tie up yet.

7
Demo: Nuget packages for the native app

Here we add some nuget packages that make it possible for our native WPF app to work with AzureAD

8
Demo: Adding references

We also need some framework libraries to make https calls from a WPF app, so lets add references for those.

9
Demo: Adding authentication logic

We reference the basic details we are going to get from AzureAD in our Native app

10
Demo: Redirect URIs for native apps

We are not using a browser, or are we? Why are redirect URIs important for native apps, and unique considerations for windows store apps.

11
Demo: Managing and Securing tokens in native apps

Native Apps are unique that they are able to manage long term tokens (refresh tokens) securely using encrypted storage. What hooks does ADAL provide to allow us to manage tokens?

12
Demo: Adding sign in and sign out logic

How do we make a sign in request, and how do we ensure that a signout is a full and secure signout?

13
Demo: Making an authenticated call to the service

After a successfull sign in, how do we get a hold of the access token, and how can we make an authenticated call to the service.

14
Demo: Running and debugging the application

Demonstration of the application running with the sign in/sign out and authenticated call in action

Native apps calling Office 365 Mail API

1
Description of the scenario

An explanation of what we are about to build here.

2
Demo: dev.office.com your source for APIs

Hunting for interesting APIs and registering apps on dev.office.com. We look for the mail api.

3
Demo: Registering your app on dev.office.com

For those not familiar with AzureAD, you can register various apps right on dev.office.com

4
Demo: Registering your app in Office365

Registering your native app in the AzureAD of Office365

5
Demo: Giving permissions to read mail and native app reading mail

Here we grant permissions to our app to read our mails, and run the app first without permissions, and second with permissions.

Web App calling AzureAD secured APIs

1
Description of scenario

Explanation of the scenarios I shall be covering here.

2
Authentication Protocol Flow

A web app calling an AzureAD secured WebAPI involves multiple moving parts and scenarios. Here I describe the specific authentication flows and protocols in use.

3
Application Identity using OAuth 2.0 client credentials grant

Description of web application calling web api using only Application Identity

4
Delegated User Identity using OpenID Connect and OAuth 2.0 Auth. code grant

Description of a web application calling a web api and sending the user identity along it's request using two different possible authentication protocols

You can view and review the lecture materials indefinitely, like an on-demand channel.
Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don't have an internet connection, some instructors also let their students download course lectures. That's up to the instructor though, so make sure you get on their good side!
4.3
4.3 out of 5
52 Ratings

Detailed Rating

Stars 5
27
Stars 4
17
Stars 3
6
Stars 2
1
Stars 1
0
f5be6e8307a0959c5e2cd68c7bfd3202
30-Day Money-Back Guarantee

Includes

7 hours on-demand video
Full lifetime access
Access on mobile and TV
Certificate of Completion