SharePoint, Office 365, Azure, and Front end JS geek. – Chicago IL
SharePoint, Office 365, Azure, and Front end JS geek. – Chicago IL

Azure

VIDEO – HTTP Header Client Secret protected Web API

Watch the video below to see a demo of protecting WebAPI with HTTP header and a Client Secret.    By default, new Web API projects lack any security mechanism and are open to any anonymous user.    Protecting Dot Net methods with an IF() statement condition provides a simple security mechanism to ensure only users who know the Client Secret are able to run the API and execute the method.

NOTE – Check out http://www.spjeff.com/2017/10/05/video-azure-ad-protected-web-api-in-an-angularjs-spa/ for more complete WebAPI security with Azure AD.

Cheers!

shades_smile

Video

Screenshots

image

Code

References

VIDEO – Microsoft Azure AD Portal (AAD)

Check out https://aad.portal.azure.com/.   Microsoft Azure Activity Directory admin center is open to all users and is a great tool to browse Azure AD, lookup user details, locate groups, manage applications, monitor usage, and more.

Users with higher permissions will see more tiles including:

  • Azure Active Directory
  • Users and groups
  • Enterprise applications
  • App registrations
  • Azure AD Connect Health
  • Azure AD Cloud App Discovery
  • Azure AD Privileged Identity Management
  • Azure AD Identity Protection
  • Devices

Cheers!   

shades_smile

Manage Azure Active Directory

Video

Screenshots

image
image
image
image
image
image
image
image
image
image
image
image
image
image
image
image

References

SharePoint as a Service (SPaaS)

SharePoint is often treated as a final SAAS product to perform Microsoft native functions only.  Management can be reluctant to engage customization and development for the perceived cost. 

However, what is the cost of lacking a needed business tool?  Lost productivity and opportunity?  

What is the cost to create native SP features?   Make a blank IIS website?  Then create your own search, audit, permission interface, file store, REST endpoint, etc.?

 

Today is the best time ever to be a developer.  Many services and many tools.   Agile design can be applied to leverage 90% native platform with 10% custom code to spin up helpful business applications with low cost.   Micro services, REST api, and JavaScript frameworks provide the building blocks.   Developers are challenged to learn these new tools.  Ones that do can help deliver business value faster than ever.

 

Remember, SharePoint is a service– not the final product. 

shades_smile

 

Features

  • Authentication – User context.  Password management, new account creation, integrated single sign-on.
  • Permissions – Groups, roles, custom permission levels,
  • Tables & Files – Storage of flat database (rows, columns, validated input, query) and binary files (folder, files)
  • Notification – Alert on data changes.  Daily and weekly summary.  Custom email body with Workflow.
  • Search – Index content, word parsing, custom results display, full REST api.
  • Audit – Regulatory compliance.  Reports, export, filter, and granular detail.
  • … and many more

 

Diagram

image

 

References

VIDEO – Online WebAPI Generator

I created an online service at https://spjeff.azurewebsites.net/ which generates a MVC WebAPI 2.2 project with the name you enter.   A custom ZIP file is generated server side with your custom name for the Project, Namespaces, Assembly, and sent to the browser for download.   Best practices are already enabled such as:

  • [CORS] decorator
  • [Authorize] decorator
  • Minimal packages and dependency
  • Zero MVC boilerplate
  • Lean mean API ready for dev & prod

From there double click SLN and begin coding.  Enjoy! 

shades_smile

 

Video

Online WebAPI Generator from Jeff Jones on Vimeo.

 

Screenshots

 

image

 

image

 

image

© Copyright 2016
@ SPJeff

Return to Top ▲Return to Top ▲