Updated: July 15, 2020 (November 7, 2016)
Analyst ReportAzure AD Single Sign-On Technologies Available for Developers
Microsoft has released multiple open standards—based authentication and authorization APIs for Azure Active Directory (AAD). These APIs enable user single sign-on with the ease of a Facebook ID or Microsoft account identity for internal line-of-business applications or third-party commercial applications running from a variety of Windows-based and other devices. Although new and evolving, developers may want to use these standards-based APIs, even though they require AAD, because they can be integrated with on-premises Active Directory (AD) to ease password management.
Azure AD as a Single Sign-On Hub
AAD is Microsoft’s default directory for its hosted services, underpinning Office 365, Intune, and Microsoft Azure, among others, which allows users to sign on with one set of credentials across multiple applications. Since AAD can be synchronized and federated with an on-premises instance of AD, users can use their familiar AD credentials to access Office 365 and Intune, as well as third-party applications. Microsoft has long worked with ISVs to add support for AAD within their applications to emphasize AAD for organizational identities as a counterpoint to individual identities, such as Microsoft accounts, Google accounts, and Facebook IDs. Synchronization or federation is not required, although doing so will generally provide a better user experience. (For more information on integration of AD and AAD, see “Integrating AD and Azure Active Directory“.)
Atlas Members have full access
Get access to this and thousands of other unbiased analyses, roadmaps, decision kits, infographics, reference guides, and more, all included with membership. Comprehensive access to the most in-depth and unbiased expertise for Microsoft enterprise decision-making is waiting.
Membership OptionsAlready have an account? Login Now