- Advantages of the Azure Active Directory
- Hybrid Active Directory (On-Prem & Cloud)
- Provisioning a Azure Active Directory
- Azure Active Directory’s blade overview
Advantages of the Azure Active Directory
- It’s suitable for the cloud.
- Support modern authentication protocols. (e.g. WS-FED, SAML Federation, OpenID Connect, OAuth)
- Azure AD will come with SDKs like ADAL and MSAL.
- Azure AD supports the scenarios like B2C, B2B, B2E (employee) and Software As a Service (SaaS) applications.
Hybrid Active Directory (On-Prem & Cloud)
- The on-premises identities can be synced to the Cloud via Azure AD Connect Tool.
- Even Multiple forests can be synced.
- The authentication can be federated to the on-premises with (ADFS).
- The identity can be manged in Azure AD but authentication can be done by on-prem AS server.
- The on-prem group policies can be synced in Azure AD.
Provisioning a Azure Active Directory
Create Azure Active Directory (Azure Portal > All Services > Create button > the following image)
Azure Active Directory’s blade overview
Enterprise applications: add new SaaS applications like Box, Dropbox,…
Devices: to mange devices.
App registration: Register application.
Application proxy: for exposing on-premises.
Azure AD Connect: for sync with on-prem Active Directory for hybrid identity.
App registration blade features are:
- New Registration
- Listing the registered applications ( All Applications | Owned Applications)
Web APP/API is like a web site. The URL infront of Web APP/API (REST API) is the Sign-on URL. Ex. http://localhost:5000/signin-oidc
After the app registration, the following items can be important for developers. They are always available on the registered app blade.
- Application or client ID via Overview blade
- Redirect URL after successful authentication via Authentication blade
- Logout URL via Authentication blade
How to go the registered app blade
AAD > App registration> select & click the registered
Application/ Client ID
Redirect URL after successful authentication