In this article, we are going to see how we can configure application access using Windows Azure Active Directory. With the help of Azure Active Directory, you can access thousands of applications. You can get these applications from the gallery in the applications panel of your Active Directory. This feature of active directory is known as Software-as-a-Service (SAAS). Windows Azure AD enables easy integration to many of today’s popular SaaS applications, such as Salesforce, Box, Google Apps, DocuSign, and Drop Box etc.
Single Sign-On (SSO) enables users to access their applications, using their organizational ID. So, configuring a SaaS application to your Windows Azure AD is pretty simple. I’m going to configure my Twitter account here. So, let’s go for it.
First, login to the Microsoft Azure portal. Give your Azure email address and password. You can see, I have a directory that I created in my previous article. You can take a look at my previous article from:
Click on nitinazuread directory.
Click on Applications panel. This page enables us to configure applications list. There is no application in the list. If there is any existing application, then, you can select your application type and type the name for your application in the search box. Click on check mark to search an existing application.
I don’t have any application yet, so, go ahead and click on Add button, at the bottom of the page, to add an application.
For the list of applications, select application from the gallery.
Look at the below screenshot. This is our application gallery from where we can add one or more applications, according to our requirement.
Now, follow the given steps:
In the search box, type the name of the application you want to add. Then, click on the application (Here, I want to add a Twitter application in the directory). Give a display name to your application and click on the check mark.
Here, my app has been successfully added. Next step will be to configure this application with the directory. First, you need to enable a single sign-on with Microsoft Azure AD, so that you can access multiple applications. So, the Single Sign-On behaves like Session. Click on the configure button.
Here, you can choose multiple options for how users can sign-on to NitinTwitter. Select single sign-on and Active Directory will store the account credentials of the user which will sign on to nitintwitter. Click on the Check mark.
Now, in the second step, assign users for the application. To do this quickly, click on Assign accounts which means the accounts that can access this application.
You can see, here is the list of all users. By clicking on assign accounts, it will retrieve a list of users. You can assign any of the users which you want to assign to the application. I want to assign the first user. So, select it and click on Assign, at the bottom of the page.
Mark the confirmation and authenticate selected user.
Give your twitter name and password here, and click on the check mark to assign a user to the twitter account.
You can see that for the first user access type is Yes and method status is assigned.
Application Access Panel
This is where users can discover the
applications they have access to, by refreshing the page.
Feature of the Access Panel
User can modify the password associated with their organizational account. You can edit multi-factor authentication-related contact and preference settings. Users can also view the details about their account.
So, go to the application access panel and refresh the page. You will find the Twitter application there as NitinTwitter display name. When you click on it, you’ll redirect to the Twitter Account page.
Here, you can see it redirecting to my Twitter page.
Here is my personal Twitter account.
That’s it for accessing the application through Windows Azure AD. You can access any of the applications you want.