Secure APIs with FastAPI and the Microsoft Identity Platform Transcripts
Chapter: Building a Secure API
Lecture: Introduction to Azure Active Directory (Azure AD)

Login or purchase this course to watch this video and the rest of the course contents.
0:00 By now it should be clear that when we need to build an application that requires authenticated users or managing access to resources,
0:08 we will be better off using an identity service provider.
0:11 Instead of rolling our own. Identity as a service allows developers and enterprises to integrate digital
0:18 identities quickly through a standard set of API's and SDK's for the purpose of this course. We will be using Azure active directory or Azure AD
0:26 Azure AD is Microsoft's cloud-based identity and access management service which allows developers to authenticate users
0:35 and provide access to resources. These resources can be external,
0:39 such as Microsoft 365, the Azure portal and thousands of other software as a service applications Think of service now, Salesforce,
0:48 Dropbox and even google apps or internal resources applications that you build or other apps in your corporate network and internet. As developers,
0:58 you'll rarely have to interact with Azure Active Directory beyond setting an app registration for your
1:03 apps or API's but Azure AD is capable of a lot more. At a very high level some of these features that can be used alongside your solutions to make them
1:17 even more secure. Our conditional access, which is a set of policies that define who,
1:22 how and when can authenticate device management to ensure that important information isn't lost in case
1:28 of hardware compromise and identity protection that gives this complex machine learning and AI to monitor
1:33 user behavior and prevent identity theft or loss as you can see.
1:38 Azure Active directory comprises of many different components and if you were to roll out your
1:43 own identity, you will have to build some of them by yourself from the ground up. But in the end there's only one thing that we,
1:51 as developers care about. How easily can I implement identity into my own solution? We can break it down even further.
1:59 Does my company already have an existing identity system? Does it support and integrate well with my platform and language.
2:06 What kind of advanced features do I get out of the box? The answer to all of these is Azure Active Directory,
2:13 which makes it straightforward to authentication and authorization using either MSAL, the Microsoft Authentication Library or any other open
2:21 ID Connect and OAUTH2 libraries out there.

Talk Python's Mastodon Michael Kennedy's Mastodon