How is SSO with Azure AD and Microsoft Graph API actually done?
Question
I was looking into SSO with Azure AD for a customer, and Microsoft seems to push towards the new Graph API .
Their documentation says that if your app/website authenticates with a password, you should do password authentication with the graph api.
But when going to the api reference, they say it's not available yet .
So, how would we go about it, if at all?
Is it possible to integrate an existing login form with Azure AD?
Is it possible to auto-detect the current windows domain user to bypass the login form, like the old days with on-prem AD?
Thanks.
1 answers
solution1
0 2022-01-17 12:32:08
Is it possible to integrate an existing login form with Azure AD?
Yes it is possible to integrate an existing login form with Azure AD provided the application for which you want to configure SSO is register in your Azure AD as an enterprise application.
For this you will have to register the application in Azure AD. For more information please refer this MSDOC: Enable single sign-on for an enterprise application
Is it possible to auto-detect the current windows domain user to bypass the login form, like the old days with on-prem AD?
Yes, Once the SSO has been configured for that enterprise application you can by-pass the login form for that application,once the user has logged into the device through which it is accessing that application. For this purpose device needs to be join with Azure AD.
In case if you want to configure SSO for your Application through Graph API ,Kindly refer the below link for implementation/reference:
https://docs.microsoft.com/en-us/graph/application-saml-sso-configure-api
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.