Updated: July 11, 2020 (October 4, 2010)

  Charts & Illustrations

Access Control

My Atlas / Charts & Illustrations

277 wordsTime to read: 2 min
Rob Sanfilippo by
Rob Sanfilippo

Before joining Directions on Microsoft, Rob worked at Microsoft for 14 years where he designed technologies for Microsoft products and... more

Azure AppFabric Access Control translates security information from identity providers to simplify application authentication and authorization. Shown here is the sequence a client uses to gain access to an application via Access Control.

The client obtains a security token (1) after being authenticated by an identity provider, such as an organization’s installation of Active Directory Federation Services 2.0, the Access Control service itself, or Windows Live ID. (Access Control does not yet support Windows Live ID, but it is expected to with a future update.)

The client then submits the token to Access Control (2), using Web services APIs. Access Control evaluates the submitted token and issues a second token based on a set of rules previously supplied by the application developer using a command-line-based tool. The rules specify which identity providers the application will trust, and how to map claims from tokens issued by each provider to claims the application understands. For example, a rule might state that if the incoming token includes a claim that a user is a member of an organization’s “manager” group, then Access Control should return a token with a claim that the user has “administrator” permissions on the target application.

Atlas Members have full access

Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.

Membership Options

Already have an account? Login Now