
Azure AD Authentication with existing application

I have got an existing application for which the customers want to enable Azure AD authentication. What I cannot understand is how to create an association between the existing application users and the corresponding Azure user.

I have seen that once the user is authenticated with Azure, the application gets a UserInfo object that contains info such as GivenName, FamilyName, ... but those are not enough to identify the user in the existing application.

It would be good if the customer could associate the Azure users themselves with the existing application username (for instance), and then somehow the application could retrieve this information after the Azure authentication. Do you have any tip pointing to a possible approach for this issue?

Azure Active Directory supports the following protocols for authentication:

  • SAMLv2
  • WS-Fed
  • OpenIDConnect / OAuth2

cf. https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-authentication-protocols

By configuring the application registration in Azure AD you can add different claims, mapped to user attributes, to the authentication token (e.g. SAML claims: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization ).

If you need to pre-provision users in the application from Azure AD, you can use the SCIM protocol: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/use-scim-to-provision-users-and-groups
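The linking flow the question asks for (a logged-in user of the existing application attaches their Azure AD identity once, and later sign-ins are resolved through that link) can be built on the claims the answer mentions. The example below is added here and is not code from the question, the answer, or any Microsoft library. It assumes the application has already validated the ID token (signature, issuer, audience, expiry) with its OIDC or SAML library and hands the decoded claims in as a dict; the user store and link table are in-memory stand-ins for whatever database the application uses, and the sample claims are constructed. The key it links on is the pair of the `tid` (tenant id) and `oid` (object id) claims that Azure AD issues in every token, because those are immutable, whereas names, UPNs and e-mail addresses can be renamed or reassigned and therefore must not be used as the join key.

```python
"""Link Azure AD identities to existing application accounts.

Added example, not code from the page. Assumes the ID token has already
been validated by the application's OIDC library; only the decoded claims
reach this code. Store classes are in-memory stand-ins for a real database.
"""
from dataclasses import dataclass, field
from typing import Optional


class LinkError(Exception):
    """Raised when a link request or lookup cannot be honoured safely."""


@dataclass
class LocalUser:
    username: str
    is_admin: bool = False


def stable_key(claims: dict) -> tuple[str, str]:
    """Return (tid, oid), the immutable tenant and object identifiers that
    Azure AD places in every token. Display name, preferred_username and
    email are mutable and are deliberately never used as the link key."""
    try:
        return (claims["tid"], claims["oid"])
    except KeyError as exc:
        raise LinkError(f"token is missing the {exc.args[0]} claim") from None


@dataclass
class IdentityStore:
    # Tenants this deployment accepts. A multi-tenant app registration will
    # happily issue tokens for any tenant, so the app must pin the ones it trusts.
    allowed_tenants: set[str]
    users: dict[str, LocalUser] = field(default_factory=dict)
    # (tid, oid) -> local username
    links: dict[tuple[str, str], str] = field(default_factory=dict)

    def link(self, username: str, claims: dict) -> None:
        """Self-service link: called while `username` is signed in through the
        existing login and has just completed an Azure AD sign-in."""
        if username not in self.users:
            raise LinkError(f"unknown local user {username!r}")
        key = stable_key(claims)
        if key[0] not in self.allowed_tenants:
            raise LinkError(f"tenant {key[0]!r} is not allowed for this application")
        owner = self.links.get(key)
        if owner is not None and owner != username:
            # One Azure identity may map to one local account only; otherwise a
            # second user could link an identity someone else already owns.
            raise LinkError("this Azure AD identity is already linked to another account")
        self.links[key] = username

    def unlink(self, username: str) -> int:
        """Remove every Azure AD identity linked to `username`; returns the count."""
        doomed = [k for k, v in self.links.items() if v == username]
        for k in doomed:
            del self.links[k]
        return len(doomed)

    def resolve(self, claims: dict) -> Optional[LocalUser]:
        """Called on the sign-in callback after token validation. Returns the
        linked local user, or None when no link exists yet; the caller should
        then send the user to the link flow rather than matching on e-mail or
        silently creating an account."""
        key = stable_key(claims)
        if key[0] not in self.allowed_tenants:
            return None
        username = self.links.get(key)
        return self.users.get(username) if username else None


if __name__ == "__main__":
    # Constructed sample data; tenant and object ids are placeholders.
    store = IdentityStore(allowed_tenants={"11111111-aaaa-4bbb-8ccc-000000000001"})
    store.users["alice"] = LocalUser("alice", is_admin=True)
    claims = {
        "tid": "11111111-aaaa-4bbb-8ccc-000000000001",
        "oid": "22222222-bbbb-4ccc-9ddd-000000000002",
        "preferred_username": "alice@contoso.example",
        "name": "Alice Example",
    }
    print("before link:", store.resolve(claims))
    store.link("alice", claims)          # alice is logged in the old way and links herself
    print("after link:", store.resolve(claims))
```

The unlinked case returns `None` on purpose: auto-matching on `preferred_username` or `email` would let whoever controls that address in the tenant take over the local account, which is the classic mistake in "add SSO to an existing app" migrations. Administrators can pre-populate `links` from a directory export (or a SCIM feed, as the answer suggests) using the same `(tid, oid)` pairs.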
