cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
New Enhancements to the Azure AD Pass Through Authentication Preview are live!
By
Alex Simons (AZURE)
Published Sep 07 2018 08:46 AM 5,920 Views
Alex Simons (AZURE)
Microsoft
‎Sep 07 2018 08:46 AM

New Enhancements to the Azure AD Pass Through Authentication Preview are live!

‎Sep 07 2018 08:46 AM
First published on CloudBlogs on Apr, 27 2017
Howdy folks, If you're a follower of this blog you'll probably recall that we announced pass-through authentication and seamless single sign-on in Azure AD at the end of last year. These features make it easy and fast to deliver world class end user sign-in experiences with Azure AD. Today I'm excited to announce a few improvements we've made that make these capabilities even more secure, easier to use, and easier to administer. Pass-through authentication Pass-through authentication lets users sign in to your cloud apps while getting rid of the need to store any user passwords in the cloud or deploy new server infrastructure. Some of the key improvements we've just turned on include:
  • Security : We've improved user sign-on security with public key / private key encryption between Azure AD and on-premises agents. That's in addition to secure HTTPS, which is always used to transfer usernames and passwords.
  • Usability : We now support using any attribute, configured as Alternate ID in Azure AD Connect, as the username.
  • Easier deployment : Now you only need to open two ports to deploy pass-through authentication—the standard ports 80 and 443.
Seamless single sign-on Seamless single sign-on gives users on your corporate network the ability to access cloud apps from their domain-joined devices without needing to re-enter their passwords. This feature uses Kerberos authentication instead. We simplified the end user sign-on experience by removing the need for your users to enter their usernames when they access cloud apps with tenant-specific URLs (like outlook.office365.com/owa/contoso.com). Customer adoption We've seen our enterprise customers enthusiastically adopting these new capabilities even before they go GA. Deutsche Post DHL, a global organization with almost 500,000 employees, has been using these features in production and has this to say about their experience:
"We use pass-through authentication and seamless single sign-on to provide 50,000+ users the ability to sign-in to Yammer and 16 other enterprise applications. What I like most about it is its simplicity - it just works! We plan to migrate all ADFS-based applications to this setup soon." - Joe Gasowski , Head of Identity and Access Management, Deutsche Post DHL
Learn more! Dive into our detailed documentation for pass-through authentication and seamless single sign-on and let us know what you think by leaving us a comment below or emailing us at aadopauthfeedback@microsoft.com . We look forward to hearing from you! Best regards, Alex Simons (Twitter: @Alex_A_Simons ) Director of Program Management Microsoft Identity Division
0 Likes
Like
Version history
Last update:
‎Jul 24 2020 02:00 AM
Updated by:
Labels