pateluday07 / saml-sso-and-slo-demo-idp-azure-sp-springboot

This project is to demonstrate how we can implement Single Sign-On (SSO) and Single Logout (SLO), by taking advantage of these resources: 1. Azure AD (Active Directory) as IDP 2. Springboot as SP 3. SAML (Security Assertion Markup Language) as SSO & SLO METHOD

Azure AD iDP for external applications #1

Closed eraepers closed 4 years ago

eraepers commented 4 years ago

I have this question for you:

Is it possible to use Azure AD as iDP for external application coming from the Gallery or even configured manually when you use AD Connect with ADFS On-Premises?

To make it clear, we do not use Password Hashes or passthrough with SSO but Federated services with our AD Connect On-Premises (no user data stored in the cloud).

Thanks in advance,

Kind Regards,

pateluday07 commented 4 years ago

> I have this question for you:
>
> Is it possible to use Azure AD as iDP for external application coming from the Gallery or even configured manually when you use AD Connect with ADFS On-Premises?
>
> To make it clear, we do not use Password Hashes or passthrough with SSO but Federated services with our AD Connect On-Premises (no user data stored in the cloud).
>
> Thanks in advance,
>
> Kind Regards,

Yes, it's possible to use Azure AD as IDP for applications available in the Gallery. Please check the following link; it will give you the detailed information: [Azure AD as IDP for Gallery Applications](https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/view-applications-portal)

eraepers commented 4 years ago

Hi

Thank you for your reply.

I just checked your link, but this one doesn’t explain how to do it?

My question was more: is it possible to authenticate users with Azure AD (use AAD as federated service) for SaaS (third-party applications) when you are in hybrid mode (federated service «ADFS» on premises)?

I ask this question as by default no user data are stored in AAD, meaning that no user can be authenticated at that level.

It works in the pass-through and hash password model, but what about the federated service on-premises model?

Thanks

On Mon, 19 Oct 2020 at 17:01, Udaykumar Patel notifications@github.com wrote:

> > I have this question for you:
> >
> > Is it possible to use Azure AD as iDP for external application coming from the Gallery or even configured manually when you use AD Connect with ADFS On-Premises?
> >
> > To make it clear, we do not use Password Hashes or passthrough with SSO but Federated services with our AD Connect On-Premises (no user data stored in the cloud).
> >
> > Thanks in advance,
> >
> > Kind Regards,
>
> Yes, it's possible to use Azure AD as IDP for applications available in the Gallery. Please check the following link; it will give you the detailed information: Azure AD as IDP for Gallery Applications https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/view-applications-portal


-- Eric Raepers RConsulting SCOM rue de Valenciennes, 37b 7320 Bernissart TVA: BE 0475.407.886 GSM: +32 472 91 00 29

pateluday07 commented 4 years ago

Thanks for the detailed explanation.

Sorry, I haven't used ADFS, so I can't guide you here.