Powering Your Apps with Microsoft Accounts

by Jonathan Allen on Nov 01, 2012 |

A central theme with Windows 8 is the Microsoft Account. This is another attempt to offer a single sign-on system for both Microsoft and third-party services. We’ve seen Microsoft attempt to do this before with products such as Microsoft Wallet, Microsoft Passport, .NET Passport, Microsoft Passport Network, and Windows Live ID. The relationship between these products is murky with various branding and technology changes, but the goal is the same for each: to not lose potential customers who don’t want yet another username and password.

When a Windows 8 application starts it may request and authentication and access tokens. The authentication token verify the user’s account while the access token allows for retrieval of information about the user. The user will also be automatically signed into any website that implements the Microsoft Account SDK.

There are some benefits even for websites that already have their own authentication system. While there is no personal information available at this point, a user id is provided. By tracking the user using this id, it will be easier to personal the site for that user when they do officially sign up.

For advanced scenarios, the Live SDK can be used to access the user’s SkyDrive, profile, and social network. Access is granted using either OAuth 2.0 or the Live Connect REST API. Client side SDKs for Windows 8, Windows Phone, Android, iOS, and .NET make this process easier. Like other OAuth-based services, users will need to give explicit permission for your application to access their Microsoft data.

Another feature common with OAuth systems is the need for a “secret” that only the application knows. This is used to decrypt the information coming from Microsoft’s servers. Mobile developers may be tempted to put this in the application, but that is very risky. Instead, it should be stored in a server that the mobile application can access.

Microsoft Accounts does not federate with other single sign-on providers such as Windows Active Directory or Facebook Connect.

Watch the Build session Powering your apps with Microsoft Accounts with Shelly Guo on Channel 9.

Rate this Article


Hello stranger!

You need to Register an InfoQ account or or login to post comments. But there's so much more behind being registered.

Get the most out of the InfoQ experience.

Tell us what you think

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread
Community comments

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

Allowed html: a,b,br,blockquote,i,li,pre,u,ul,p

Email me replies to any of my messages in this thread

General Feedback
Marketing and all content copyright © 2006-2016 C4Media Inc. hosted at Contegix, the best ISP we've ever worked with.
Privacy policy

We notice you're using an ad blocker

We understand why you use ad blockers. However to keep InfoQ free we need your support. InfoQ will not provide your data to third parties without individual opt-in consent. We only work with advertisers relevant to our readers. Please consider whitelisting us.