DRAG DROP
You are developing an ASP.NET MVC application that allows users to log on by using a third-party
authenticator.
You need to configure Microsoft Azure Access Control Services and the application.
Which five actions should you perform in sequence? (To answer, move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order.)
Select and Place:
Explanation:
Box 1: Create a service namespace
The first step is to create an ACS namespace. This is your Security Token Service (STS), which will generate
signed identity tokens to be consumed by WAP (Windows Azure Pack). This will also be the only STS that WAP will trust.
Box 2: Register the application as a relying party.
Now that the namespace is created, you will have to tell it about the WAP portals that expect tokens from
it. We add the WAP tenant portal as a relying party to ACS (Access Control Services).
Box 3: Add a Security Token Service (STS) reference in Visual Studio 2012.
Now that the namespace is created, you will have to tell it about the WAP portals that expect tokens from it.
1. Click on Relying Party Applications and click on Add to add the Windows Azure Pack tenant portal as a
relying party to this namespace. This essentially tells the ACS namespace that the tenant portal is expecting
it to provide user identities.
2. You will now go to the Add Relying Party Application page, where you can enter details about the WAP tenant
portal.
3. The easier option is to provide the federation metadata from the tenant portal. Save the XML file locally on
your computer.
4. Now back in the ACS management portal, upload the federation metadata file and provide a Display Name
for the relying party.
5. Scroll down to the Token Format section and choose the token format to be ‘JWT’. By default, the Windows
Live Identity Provider will be selected. Deselect it if you do not want to allow users to sign in using their Live ID.
Under the Token Signing Settings section, select X.509 Certificate as the Type. Click on Save.
Box 4: Add the third-party as the identity provider.
We have our ACS and WAP portals set up. We now have to find a source of identities that can flow into
the WAP portals through ACS. We configure external services to act as identity providers.
Box 5: Generate provider rules for claims
We now have our relying party and our identity providers set up. We should now tell ACS how to transform the
incoming claims from these identity providers so that the relying party can understand them. We do that using
rule groups, which are sets of rules that govern claim transformation. Since we have two identity providers,
we will have to create a rule for each of them.
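The rule-group behaviour described in Box 5, as an added example that is not part of the original explanation or of ACS itself: a simplified Python model in which each rule is bound to one identity provider and only claims that match a rule reach the relying party. The provider names, the `Rule` and `transform` helpers, and the sample claims are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Standard WS-Federation claim type URIs used as sample input/output types.
EMAIL = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
NAMEID = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier"
UPN = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn"

@dataclass(frozen=True)
class Rule:
    issuer: str                      # identity provider the rule applies to
    in_type: str                     # incoming claim type to match
    out_type: str                    # claim type handed to the relying party
    in_value: Optional[str] = None   # None = match any incoming value
    out_value: Optional[str] = None  # None = pass the incoming value through

    def apply(self, issuer, ctype, value):
        """Return the (type, value) output claim, or None if the rule does not match."""
        if issuer != self.issuer or ctype != self.in_type:
            return None
        if self.in_value is not None and value != self.in_value:
            return None
        return (self.out_type, value if self.out_value is None else self.out_value)

def transform(rule_group, issuer, claims):
    """Output claims for one sign-in; claims that match no rule are dropped."""
    out = []
    for ctype, value in claims:
        for rule in rule_group:
            result = rule.apply(issuer, ctype, value)
            if result is not None and result not in out:
                out.append(result)
    return out

# Hypothetical rule group: one rule per identity provider, both emitting a UPN claim.
RULE_GROUP = [
    Rule(issuer="Third-party IdP", in_type=EMAIL, out_type=UPN),
    Rule(issuer="Windows Live ID", in_type=NAMEID, out_type=UPN),
]

if __name__ == "__main__":
    # Constructed sample sign-ins.
    print(transform(RULE_GROUP, "Third-party IdP",
                    [(EMAIL, "alice@example.com"), ("name", "Alice")]))
    print(transform(RULE_GROUP, "Windows Live ID", [(NAMEID, "constructed-id-123")]))
    print(transform(RULE_GROUP, "Unlisted IdP", [(EMAIL, "user@example.com")]))
```

Because rules are keyed on the issuing provider, a claim type accepted from one provider is not accepted from another unless that provider has its own rule.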
https://blogs.technet.microsoft.com/privatecloud/2014/01/17/setting-up-windows-azure-activedirectory-acs-to-provide-identities-to-windows-azure-pack/
Token should be last