Ping Identity + Microsoft = More Secure Access

September 14, 2016

The application landscape has gone through a radical transformation over the last decade. Cloud computing and enterprise mobility have completely changed the way everyone works, shops and lives. We all expect instant access to the apps and data that connect us to our friends and help us get our jobs done from anywhere.


Microsoft is committed to ensuring that the mobile enterprise is highly productive while remaining more secure than ever. Their Azure Active Directory (Azure AD) environment is a great example of cloud computing that's driving enterprise mobility forward. Their vision is to provide users secure access to thousands of apps with a single identity. This seems simple, but is anything really simple in the global enterprise?


Secure access to the digital enterprise is a hard problem to solve. Much of the challenge lies in the seamless integration of the old and the new. And if you're like most enterprises, you have hundreds of apps in the cloud and probably an equally daunting number of legacy enterprise apps anchored to your data center. IDaaS solutions like Azure AD do a fantastic job of connecting mobile users to cloud applications with a single sign-on (SSO), but providing that one-click access to legacy on-premises applications can be much more challenging.


This is the world Microsoft calls hybrid identity, where identity data and applications are spread between the cloud and on-premises environments. And this is where Ping Identity comes in. The Ping Identity Platform was designed from the ground up, literally. The combination of PingAccess and PingFederate gives enterprises that rely on Microsoft Azure AD the simplicity and usability of the cloud with the power and control of enterprise software.


PingAccess gives Azure AD customers the ability to enable SSO to a much broader set of on-premises web applications. Users can gain access to those legacy apps with the same SSO simplicity as any cloud application--without the need for VPN. Here are some highlights:


  • When requesting access, the Microsoft App Proxy redirects to PingAccess.
  • PingAccess sends users to Azure AD for authentication as necessary.
  • PingAccess converts Azure AD authentication tokens to HTTP header attributes.
  • The web application uses the header attributes to grant user access.


PingFederate extends the reach of Azure AD even further with WAM integrations, integration kits to over 80 enterprise environments, and world-class federation services.


So for Azure AD customers who ever hesitated to step into an all-cloud world without a clear path to their on-premises apps--the path has been cleared.


To take a deeper dive into Ping's partnership with Microsoft and how it's taking Azure AD to a whole new level for SSO, check out our Azure AD white paper.