#AzureAD : SSO to SaaS


In this era, Software as a Service offerings have changed the entire application landscape. Organizations want to take advantage of enterprise applications to solve their business problems while avoiding heavy investment in deploying and managing those applications. Azure AD plays a vital role in this space by providing a single sign-on experience to enterprise users. It does not just provide SSO; it also maintains the security context for the applications through features such as MFA and auditing.

Let’s look at how to configure an enterprise application from the gallery and associate it with your Azure AD.

Log in to the Azure portal and go to Azure Active Directory.

Go to the Enterprise applications.

Click on New application.

There are around 3000 applications available in the gallery. Look for the application that you would like to add.

In my case, I am adding Twitter for single sign-on. You may have a quick question: why Twitter? Think about any multinational organization: it operates in several countries, and every country would like to tweet something specific to that country. How will you manage it? You wouldn’t want to create multiple accounts or different local identities for your organization, as you have a unique brand value associated with a specific name. Here, with Azure AD, you can have a single Twitter account whose password is managed by one responsible person, while access can be given to the multiple people who are involved in PR activities.

Click on Add.

Now you are ready to configure your application. You can assign users, configure single sign-on, set up conditional access, and so on.

Let me add two users so that both can access this account, without knowing the password, through https://myapps.microsoft.com.

Select the users and click Select.

Once the users are selected, click Assign.

Now it is time to set the single sign-on mode. Go to Single sign-on mode and select Password-based Sign-on.

I would like to set the password for my Twitter account myself and give access to the end users. Therefore, select the user and click Update credentials.

Set the Twitter account credentials. If you don’t want to update the credentials yourself in the future, select the “I want Azure AD to automatically manage this user or group’s password” option so that Azure AD can manage it on your behalf. Perform the same steps for the other user.

Now, log in to https://myapps.microsoft.com and access your applications.
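Because everyone assigned to a password-based SSO application signs in with the same stored Twitter credential, the assignment list is the access list. The script below is an added example, not part of the original post: it checks an export of that list (assumed to be the Microsoft Graph `appRoleAssignedTo` response for the application) against a hypothetical approved roster. All IDs, names, dates and the 180-day threshold are constructed.

```python
import json
from datetime import datetime, timedelta

# Constructed sample in the shape of the "value" array returned by Microsoft Graph
# GET /servicePrincipals/{id}/appRoleAssignedTo. All IDs and names are made up.
SAMPLE = json.loads("""[
 {"principalId": "aaaa0001", "principalType": "User",
  "principalDisplayName": "PR User 1", "createdDateTime": "2024-05-02T08:15:00Z"},
 {"principalId": "aaaa0002", "principalType": "User",
  "principalDisplayName": "PR User 2", "createdDateTime": "2023-01-10T11:30:00.1234567Z"},
 {"principalId": "aaaa0003", "principalType": "User",
  "principalDisplayName": "Former Contractor", "createdDateTime": "2024-04-20T14:00:00Z"},
 {"principalId": "bbbb0001", "principalType": "Group",
  "principalDisplayName": "All Marketing", "createdDateTime": "2024-06-01T09:00:00Z"}
]""")

# Hypothetical roster: object IDs of the people approved to use the shared account.
APPROVED_IDS = {"aaaa0001", "aaaa0002"}


def review_assignments(assignments, approved_ids, review_date, max_age_days=180):
    """Return (principalId, displayName, reason) for every assignment needing attention."""
    findings = []
    cutoff = review_date - timedelta(days=max_age_days)
    for a in assignments:
        pid, name = a["principalId"], a.get("principalDisplayName", "")
        if a.get("principalType") == "Group":
            # Every member of the group can launch the app with the stored credential.
            findings.append((pid, name, "group assignment: review membership"))
            continue
        if pid not in approved_ids:
            findings.append((pid, name, "not on approved roster: remove assignment"))
            continue
        # Graph timestamps may carry fractional seconds; the first 19 chars are enough.
        created = datetime.strptime(a["createdDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
        if created < cutoff:
            findings.append((pid, name, "approved but stale: re-confirm need"))
    return findings


if __name__ == "__main__":
    for finding in review_assignments(SAMPLE, APPROVED_IDS, datetime(2024, 7, 1)):
        print(*finding, sep=" | ")
```
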
