The Identity Hub How To's

Getting Started

How To: Getting Started
How To: What is an Account Provider?
How To: Activate an Account Provider
How To: What is an App?
How To: Create an App
How To: The SDK's
How To: Use Welcome Text

Connecting Your Application

How To: Sign into your SharePoint 2010/2013 sites with The Identity Hub
How To: Sign into your ASP.NET/MVC web site with The Identity Hub (WS-Federation)
How To: Sign into your ASP.NET/MVC web site with The Identity Hub (OAuth 2.0)
How To: Sign into your PHP web site with The Identity Hub (OAuth 2.0)
How To: Sign into your Single Page JavaScript App with The Identity Hub
How To: Sign into your AngularJS App with The Identity Hub
How To: Sign into your Single Page jQuery App with The Identity Hub
How To: Sign into your Mobile app with The Identity Hub
How To: Sign into your Windows Desktop Application with The Identity Hub
How To: Add a Sign In Button for a specific Account Provider to your Application

Demo Applications

Demo Applications

Getting Identity Information

How To: Call The Identity Hub API

Controlling and Restricting Access

How To: Working With Roles
How To: Working With Scopes

OAuth Operations

How To: Perform OAuth Implicit Grant
How To: Perform OAuth Code Grant
How To: Perform OAuth Client Credentials Grant

OpenID Connect Operations

How To: Perform OpenID Connect 1.0 Implicit Grant
How To: Perform OpenID Connect 1.0 Code Grant

Two Factor Authentication

How To: Protect your account with two factor authentication

Manage User Profile

How To: Create temporary username/password credentials

The Identity Hub SDK's

Windows 8.1 Store Apps SDK

Using the SDK
SDK API

AngularJS SDK

Using the SDK
SDK API

jQuery SDK

Using the SDK
SDK API

Windows Desktop SDK

Using the SDK
SDK API

ASP.NET Server Side SDK

Using the SDK
SDK API

PHP SDK

Using the SDK
SDK API

Android SDK

Using the SDK
SDK API

Java SDK

Using the SDK
SDK API

WS-Federation

Account Providers

Supported Federation Identity Providers

SAML-P

Account Providers

SAMLP Identity Providers

OAuth

Account Providers

Default Requested Scopes

The Identity Hub API

OAuth & OpenID Connect API

GET {tenant}/oauth2/v1/auth
POST {tenant}/oauth2/v1/token
GET {tenant}/oauth2/v1/verify
POST {tenant}/oauth2/v1/revoke

Identity API

GET {tenant}/api/identity/v1
GET {tenant}/api/identity/v1/{id}
GET {tenant}/api/identity/v1/accounts
GET {tenant}/api/identity/v1/{id}/accounts
GET {tenant}/api/identity/v1/friends
GET {tenant}/api/identity/v1/{id}/friends
GET {tenant}/api/identity/v1/roles
GET {tenant}/api/identity/v1/{id}/roles
PUT {tenant}/api/identity/v1/
DELETE {tenant}/api/identity/v1/
DELETE {tenant}/api/identity/v1/{id}

What's New

  • New mobile phone number field for User Profile

    On the profile page the user can now add a mobile phone number

  • Default Twilio SMS Provider Service

    The Identity Hub can now send SMS text messages. This is implemented using an extensibility model. For the moment there is one out-of-the-box SMS service provider, Twilio (see https://www.twilio.com/).

  • Mobile phone number verification

    Users can now verify their mobile phone number using the verification link on their profile page or on the profile security information page.

  • Custom SMS Provider Service

    For on-premise installation a custom SMS Provider Service can be developed by the client or U2U Consult.

  • Multifactor authentication using SMS

    Multifactor authentication can now be performed via SMS. It requires a configured SMS Service Provider and a verified mobile phone number of the user.

  • App SAMLP/WS-FED Metadata Endpoint

    Metadata Endpoint is now available for SAMLP and WS-FED.

  • App Claim Mappings

    App claims mappings are now displayed per category

  • Reporting

    Added reports for administrators

  • OpenID Connect

    The form_post response mode is now supported.

  • Custom claims

    For SAMLP and WS-FED Account Providers custom mapped claims can now be passed to applications.

  • Two factor authentication

    Mail can now be disabled as two factor authentication option at the tenant level.

  • OAuth 2.0

    To support development, localhost redirect uri without uri are now supported out of the box for the Implicit Flow.

  • Built-in Username/Password account provider

    The username/password account provider now supports adding a logo for the login button.

  • Office 365 Account Provider

    Roles can now be retrieved and mapped for Office 365 Account Providers.

  • User Interface

    Improvements to UI for App and Account Provider.

  • SAMLP Account Provider.

    SingleLogoutResponse URLs are now supported.

  • Built-in Username/Password account provider.

    Users can now be provisioned by administrators.

  • Built-in Username/Password account provider.

    A configuration option has been added to prevent users from registering.

  • Protocol Endpoints.

    Overview of protocol endpoints has been added to the administrative user interface.

  • Users list.

    Users list can now be filtered per account provider.

  • Azure Application Insights support.

    Now supporting Live Metrics.

  • Users per role.

    A view has been added that shows a list of users having a role.

  • User list has been optimized.

    For tenants with a high number of users, the list of users will have better performance.

  • SAML-P Account Provider Certificate Rollover.

    The SAML-P Account Provider can now have a secondary token signing certificate for the Identity Provider to support certificate rollover.

  • OpenId: Full support for Code Flow and Implicit Flow.
  • An option has been added to not use the Live SDK with Microsoft Account Provider.

    This supports the new Microsoft Converged application types.

  • 2-factor authentication can now be set as required.

    An option has been added to require 2-factor authentication for the complete tenant.

  • Requesting location information on the login page can now be disabled.

    An option has been added to disable requesting and collecting location information.

  • Hub or Tenant Admins can now delete a user.

    On the detail page of a user, an admin can choose to delete a user.

  • A user can now delete his or her profile.

    A Delete Profile button has been added on the user's profile page.

  • Support has been added to the ASP.NET SDK to delete a user's profile.

    A method "DeleteProfileAsync" has been added to the class TheIdentityHub.IdentityService.

  • Support has been added to the ASP.NET SDK to retrieve the identity IDs of merged identities (user profiles).

    When using TheIdentityHub.IdentityService.GetProfileAsync() the result (TheIdentityHub.Profile) has a new property OldIdentityIds.

  • The built-in UserName/Password Account Provider now supports requiring an email address as user name.

    An option (flag) has been added to the UserName/Password Account Provider.

  • Support has been added to the ASP.NET SDK to update a user's profile.

    A method "UpdateProfileAsync" has been added to the class TheIdentityHub.IdentityService.

  • Apps that connect through WS-FED or SAMLP can return Roles in Group Claims and the Display Name as Name claim.
  • OpenID Connect 1.0 is now supported.

    OpenID Connect Authorization Code flow is now supported to request tokens from The Identity Hub. How To: Perform OpenID Connect 1.0 Code Grant

  • Password complexity can now be configured for the built-in Username/Password Account Provider.
  • Android and PHP SDK.

    Android and PHP SDK are now available
    How To: Sign into your PHP web site with The Identity Hub (OAuth 2.0)
    How To: Sign into your Mobile app with The Identity Hub

  • Support for MyDigipass Account Provider.

    The Identity Hub now supports authentication through My Digipass.

  • Facebook Account Provider now uses version 2.5 of the Facebook Graph API.
  • OAuth scopes for the OAuth Account Provider can now be toggled on and off.

    The default requested scopes for OAuth Account Provider can now be toggled (except the minimum required scopes).

  • Users can now be archived.

    Users can now be archived and will no longer appear in the list of users.

  • Users can now be disabled.

    Users can now be disabled to prevent them from signing in.

  • Welcome text can now be added

    On the page where the user has to choose which provider to use to sign in, a welcome text can be added.

  • Email address can now be set as unique

    When email address is set to be unique only one user can exist with the same email address. Only one Account Provider can be active in this specific case.

  • Support for SAMLP ADFS flow on iOS/Safari

    An option has been added to the SAMLP Account Provider to compensate for ADFS flow issues due to the cookie limitations in iOS/Safari.

  • New version of the SharePoint 2013 SDK and WSP Solution.

    Support for searching The Identity Hub for users and roles when assigning permissions in SharePoint.

  • HTTP Strict Transport Security is now enforced.

    The Identity Hub now enforces HTTP Strict Transport Security (HSTS).

  • Claim Mappings for SAMLP Account Providers

    Claim Mappings are now supported for SAMLP Account Providers.

  • New ReCaptcha implementation

    ReCaptcha has been updated to use the latest version.

  • Username retrieval for the built-in Username/Password account provider.

    Administrators can now activate the possibility to retrieve usernames based on an email address.

Coming Soon

  • Certificate rollover for WS-FED Account Providers

Supported Account Providers



Supported Applications