It combines directory services advanced identity governance – control and standardization to build in predictability application access management (SSO and publication of certain apps to use) –and- a rich standards-based platform for developers (Windows Azure services are exposed via REST APIs to enable their use from various languages)
Who would want to manage access to each of these individually? Who would want to manage a password for each of these? Or your service desk handling a frustrated user who can’t even tell you where the FILE menu is?
Federated: auto sign-on to 3rd party SaaS application by Azure AD using the account info (Supported through SAML 2.0, WS-Federation or Open ID connect protocols) Password based: Azure collects the password and other account info from the 3d party SaaS app and uses that for auto sign-on Existing Single Sign-On: Utilizes ADFS to sign on to the 3rd party SaaS app. (think of this as Oking access instead of giving auth directly)
You won’t always have a user going to a portal site to sign on…
The dashboard here is hard to see, but you get the idea… You can also assign Apps that groups of users can see and deploy them to have better management over use – and even over the expectations and adoption.
Azure Active Directory Identity
Designing Identity Solutions with Azure
Active Directory APRIL 7, 2016
The Short Bio
• Solution Architect with focus on Office 365 platform
• Collaborative solutions at my core for over 15 years
• Expertise with Active Directory including full Forest migrations
• Extensive Directory Synchronization work
• Covered various industries including law, logistics, manufacturing and others
• What is Azure Active Directory?
• Azure Active Directory editions
• Azure AD Connect
• Azure Single Sign On
• Cloud App Discovery