I am relatively new to Xamarin Cross Platform Environment. Is it better to use Xamarin Auth component to avoid an unnecessary hop (and costs) to a Azure Mobile App.
If you're already using Azure Mobile Apps, I would recommend using their authentication approach for prototyping/initial development. Eventually, I think you'll want to bypass even Xamarin.Auth and use the native SDKs to authenticate users. Rather than having a web popup for login, users will be redirected to the app (like Facebook) to approve the authentication request if they have the app installed. You're also managing the authentication flow on the client instead of the server, which IMHO is the right way to go about doing it.
Thanks Pierce. I am already using Azure Mobile Apps to manage storage and my offline sync. In addition to agreeing with you, I am also interested in managing it client side simply to reduce my Azure charges. Is there any example you can provide wherein I can tap into the native SDK of these identity providers.
You maybe should see this, is a excellent example:
Thanks Lucio. But your example refers to using Azure Mobile App service which is precisely what I am trying to avoid by keeping all the authentication calls on the client side.
@SreeSundaram: The tricky thing is that it still requires the same number of hits to the Azure service to authenticate. The flow is something like this:
I have written some code for doing this in the past, just need to dig it up.
Thanks Pierce. Please let me know when you "dig" up the code I am looking for a true cross platform solution involving iOS, Android and UWP. All of my online searches only have iOS and Android examples and no UWP
Does Azure verify validity of the token with the provider as well? As I know AWS cognito does this. So if I am logged in, I only ask Cognito if my previous token is still valid on Facebook side using AWS token like Zumo token.
Another question, Does Azure store User information for me, If I am logged in using facebook, does it store facebook name, picture url etc because I enable these on the backend or Do I have to create a user table and store all myself? If Azure stores it, where can I find this on Azure portal?
Last question, is there any good sample how Authorization with ZUMO token is done?
I have just spent 2 good days to understand the complicated logic behind azure. I say complicated because similar logic exist in aws cognito and it took me couple of hours to understand and implement. it is really strange way of working and for your users will be even TERRIFYING ! because you redirect your user to a page first then this page redirects you to facebook, once user logs in you are redirected from facebook back to this first page and finally land on the app. if you are on a slow connection, steps are clearly visible to user (on fast connection, it quickly skips and maybe you want see call back url). Users will fear themselves insecure in this case. If you want to use Azure, just use Facebook SDK or do simple http request using web view. this takes 15 mins to implement.
Xamarin Inc., as a wholly-owned Microsoft subsidiary acting as a separate legal entity, adheres to the Microsoft Privacy Statement: Privacy & cookies