Access Control Service
|This article needs additional citations for verification. (December 2011) (Learn how and when to remove this template message)|
Access Control Service, or Windows Azure Access Control Service (ACS) is a Microsoft-owned cloud-based service that provides an easy way of authenticating and authorizing users to gain access to web applications and services while allowing the features of authentication and authorization to be factored out of the application code. This facilitates application development while at the same time providing users the benefit of being able to log into multiple applications with a reduced number of authentications, and in some cases only one authentication. The system provides an authorization store that can be accessed programmatically as well as via a management portal. Once authorizations are configured, a user coming to an application via ACS arrives at the application entrance with not only an authentication token, but also a set of authorization claims attached to the token.
ACS has the following features
- Integration with Windows Identity Foundation (WIF)
- Support for popular web identity providers including Windows Live ID, Google, Yahoo, and Facebook
- Support for Active Directory Federation Services (AD FS) 2.0
- Support for OAuth 2.0 (draft 10), WS-Trust, and WS-Federation protocols
- Support for the SAML 1.1, SAML 2.0, Simple Web Token (SWT) and JSON Web Token (JWT) token formats (JWT still in beta)
- Integrated and customizable Home Realm Discovery that allows users to choose their identity provider
- An Open Data Protocol (OData)-based management service that provides programmatic access to the ACS configuration
- A browser-based management portal that allows administrative access to the ACS configuration
Web platform support
- Microsoft (May 16, 2011). "ACS Overview". Microsoft. Retrieved 10 October 2016.