Azure Active Directory

  1. Advantages of the Azure Active Directory
  2. Hybrid Active Directory (On-Prem & Cloud)
  3. Provisioning an Azure Active Directory
  4. Azure Active Directory’s blade overview
    1. App Registration
    2. Self-Service Password Reset

Advantages of the Azure Active Directory

  • It’s suitable for the cloud.
  • It supports modern authentication protocols (e.g. WS-FED, SAML Federation, OpenID Connect, OAuth).
  • Azure AD comes with SDKs like ADAL and MSAL.
  • Azure AD supports scenarios like B2C, B2B, B2E (employee) and Software as a Service (SaaS) applications.

Hybrid Active Directory (On-Prem & Cloud)

  • On-premises identities can be synced to the cloud via the Azure AD Connect tool.
  • Even multiple forests can be synced.
  • Authentication can be federated to on-premises with ADFS.
  • The identity can be managed in Azure AD while authentication is done by the on-prem AS server.
  • The on-prem group policies can be synced to Azure AD.

Azure AD Connect is shown in the Azure Active Directory’s blade overview part.

Provisioning an Azure Active Directory

Create Azure Active Directory (Azure Portal > All Services > Create button > the following image)

Azure Active Directory’s blade overview

Users

Groups

Enterprise applications: add new SaaS applications like Box, Dropbox,…

Devices: to manage devices.

App registration: Register application.

Application proxy: for exposing on-premises.

Azure AD Connect: for sync with on-prem Active Directory for hybrid identity.

App registration

App registration blade features are:

  • New Registration
  • Endpoints
  • Troubleshooting
  • Listing the registered applications (All Applications | Owned Applications)
App Registration blade in Azure Active Directory

New Registration

Web APP/API is for something like a web site. The URL in front of Web APP/API (REST API) is the Sign-on URL, e.g. http://localhost:5000/signin-oidc

Native is for something like a mobile app, desktop application or JavaScript single-page application. The Redirect URL is where Azure AD, after authenticating the user, posts the details of the authentication.

After the app registration, the following items can be important for developers. They are always available on the registered app blade.

  • Application or client ID via Overview blade
  • Redirect URL after successful authentication via Authentication blade
  • Logout URL via Authentication blade
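
To show where the client ID and redirect URL end up, here is an added example (not code from this post or from Microsoft) that builds an OpenID Connect sign-in request and validates what Azure AD posts back to the redirect URL. The tenant ID and client ID are constructed placeholders, the function names are hypothetical, and ID token validation is left to a library such as MSAL.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Placeholder values (constructed for this example): take the real ones from
# the registered app's Overview and Authentication blades.
TENANT_ID = "00000000-0000-0000-0000-000000000000"
CLIENT_ID = "11111111-1111-1111-1111-111111111111"
REDIRECT_URI = "http://localhost:5000/signin-oidc"  # redirect URL used in this post
AUTHORIZE_ENDPOINT = (
    f"https://login.microsoftonline.com/{TENANT_ID}/oauth2/v2.0/authorize"
)


def build_sign_in_request():
    """Return (url, state, nonce) for an OpenID Connect sign-in request."""
    state = secrets.token_urlsafe(32)  # ties the response to this browser session
    nonce = secrets.token_urlsafe(32)  # must reappear in the ID token's nonce claim
    params = {
        "client_id": CLIENT_ID,
        "response_type": "code",
        "redirect_uri": REDIRECT_URI,  # must match a registered value exactly
        "response_mode": "form_post",  # Azure AD POSTs the result to the redirect URL
        "scope": "openid profile",
        "state": state,
        "nonce": nonce,
    }
    return f"{AUTHORIZE_ENDPOINT}?{urlencode(params)}", state, nonce


def handle_callback(form, expected_state):
    """Validate the fields posted back to the redirect URL.

    `form` is the decoded POST body as a dict. Returns the authorization code,
    or raises ValueError when the response must be rejected.
    """
    if "error" in form:
        raise ValueError(f"sign-in failed: {form['error']}")
    returned = form.get("state", "")
    # Constant-time comparison; a mismatch means the response was not
    # triggered by this session (forged or replayed callback).
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: response does not belong to this session")
    code = form.get("code")
    if not code:
        raise ValueError("no authorization code in response")
    return code
```

Store `state` and `nonce` in the user's server-side session between the two calls, and reject any callback that arrives without a matching session.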

How to go to the registered app blade

AAD > App registration > select & click the registered app

Application/ Client ID

Redirect URL after successful authentication

Logout URL

Self-Service Password Reset
