This article is contributed. See the original author and article here.
In this session – Microsoft Identity platform for developers, Microsoft Authentication Libraries (JS, .NET, Android, iOS, Python, Java, Angular, Microsoft Identity Web), and top developer mistakes seen on the Microsoft Identity platform. Microsoft Program Manager presenters – Harish Suresh | @harish_suresh and Sahil Malik | @sahilmalik. This session was delivered and recorded on March 18, 2021. Q&A in chat throughout call.
Microsoft Identity platform – Do’s and Don’t. Based on extensive hands-on experience with enterprise customers – developers, ISVs, and Partners pushing the limits of the identity platform on application integration, the Microsoft presenters Harish Suresh and Sahil Malik call out the top – common developer mistakes using the Microsoft Identity platform. Each problem – what is it, why it’s a concern, tips for isolating and the good-better-best recommended solutions for minimizing security issues and maximizing best usability. Common mistakes include:
- Putting secrets in code
- Using prompt=consent
- Mismatched reply URLs
- Incorrect response handling leading to throttling failures (http 429 response)
- Incorrect usage of tokens (by token type)
- Acquire token paradigm (token acquisition mechanism)
- Usage of implicit, ROPC and client credential flows (application scenarios)
- Mobile broker/SSO behavior (approaches to performing SSO on iOS and Android).
- Documentation – Migrate applications to the Microsoft Authentication Library (MSAL) | https://docs.microsoft.com/azure/active-directory/develop/msal-migration
- Documentation – Redirect URI (reply URL) restrictions and limitations | https://docs.microsoft.com/en-us/azure/active-directory/develop/reply-url
- Website – OAuth 2.0 | https://oauth.net/2/
- Help Options for Developers
- Q & A – Technical Q & A on Microsoft Identity | https://aka.ms/AzureIdentityQnA
- Post a query on Microsoft Q&A with the right tags | https://docs.microsoft.com/en-us/azure/active-directory/develop/developer-support-help-options#post-a-question-to-microsoft-qa
- Create a GitHub issue against the MSAL library | https://docs.microsoft.com/en-us/azure/active-directory/develop/developer-support-help-options#create-a-github-issue
- Submit feedback for new feature requests | https://docs.microsoft.com/en-us/azure/active-directory/develop/developer-support-help-options#submit-feedback-on-azure-feedback
- Create an Azure Support Request | https://docs.microsoft.com/en-us/azure/active-directory/develop/developer-support-help-options#create-an-azure-support-request
- Microsoft Office 365 Developer Survey – https://aka.ms/developersuccess
- Join the M365 Customer Success Platform Panel – https://aka.ms/SuccessPanel
- Twitter https://twitter.com/microsoft365dev
- YouTube https://aka.ms/M365DevYouTube
- Blogs https://aka.ms/M365DevBlog
- Recurrent Invite https://aka.ms/IDDevCommunityCalendar
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.