Microsoft Azure Active Directory

You can use Microsoft Azure Active Directory to manage the user IDs and passwords that are used to access applications through Federated Single Sign-On with IBM® Security Verify. For this federation configuration, Azure Active Directory acts as the identity provider and Verify acts as the service provider.

Roadmap

Perform these tasks to configure Federated Single Sign-On between Azure Active Directory and Verify.
  1. Configure Azure Active Directory as the identity provider. See Configuring Azure Active Directory as an identity provider.
  2. Update the Azure manifest for your application. See Updating the manifest.
  3. Configure Verify as the service provider. See Configuring IBM Security Verify as a service provider.
  4. Test the Single Sign-On connection. See Testing the single sign-on connection.

Azure Active Directory support for SAML 2.0

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying, and managing applications and services through a global network of Microsoft managed data centers.

Azure AD is a cloud-based identity and access management service. It has in-built federation capabilities and provides single sign-on to SaaS applications. The applications that are hosted on Azure can be Microsoft applications like office365 or nonMicrosoft applications such as Box, or Dropbox. Azure AD extends on-premises Active Directory into the cloud. Azure AD supports SAML 2.0 protocols to achieve the single sign-on.

The diagram shows the flow that Azure uses to authenticate users through SAML 2.0.

For information about configuring single sign-on to applications that are not in the Azure Active Directory application gallery, seehttps://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-custom-apps.