Windows Azure SQL Database Marketplace
Editor’s Note: Today’s post comes from Gayana Bagdasaryan, Technical Writer in our Identity Federation team.
In this post I will cover the basics of the Web Single Sign-on scenario that can be implemented with the help of Windows Azure Active Directory.
Before I go any further, I would like to stress that what is currently available is a Developer Preview Release of Windows Azure Active Directory, therefore things are not as simple and seamless to implement as they will be once Windows Azure Active Directory becomes generally available. The goal of this post is to encourage you to play with the preview, and experiment with it.
The scenario is very simple and very common in the identity world. Let’s say you are an ISV and you have a business application running in the cloud. One of your customers is a company with an Office 365 subscription. You want the employees of your customer to be able to access your application in exactly the same way they access their Office 365 applications. In other words, you want to establish web single sign-on, also called identity federation.
You can implement web single sign-on with the help of Windows Azure Active Directory that was provisioned for your customer when they subscribed to Office 365. Windows Azure Active Directory provides directory, authentication, and authorization services, including a Security Token Service (STS).
With the web single sign-on, you will provide access to your cloud application to your customer’s employees through a federated mechanism that relies on an STS that is provided by Windows Azure Active Directory. You and your customer will accomplish this by performing the following tasks:
For detailed information about web single sign-on, see:
For more information, see: Single Sign On with Windows Azure Active Directory: a Deep Dive.