No App Left Behind on Your Azure AD Journey
No app left behind. It's more than a catchy phrase. It should be your mantra and guiding principle as you journey from your on-premises world of datacenters and Ethernet cables to the bold new cloud frontier.
Nobody wakes up one day and says, "We are now a cloud-only organization." It all started years ago when one of your lines of business first subscribed to a SaaS application. Then, as the concept caught on, you purchased more and more SaaS solutions over time. Before you knew it, you were managing all of these on-premises applications. You were halfway through the journey before you realized you had started.
Now that you're committed, it's Cloud or Bust! First stop, Office 365 and Azure Active Directory.
Of course, you can use a federation server (like PingFederate) to federate to Azure AD. All of your apps are covered for single sign-on (SSO), from on-premises to O365 to SaaS to private clouds.
But what if you want to have your users authenticate directly to Azure AD? Your network guys have probably told you that it's a speed bump on this journey, that they don't want to use VPNs or open the network to access all of those on-premises apps. And those apps are important or you wouldn't have them.
Luckily, Ping Identity and Microsoft have you covered (to keep the journey analogy going, let's say we've created a carpool lane for you!). Microsoft Azure AD offers the app proxy, which opens an outbound SSL connection from the network. That means there's no need to bug the network guys. Azure AD then sends over an OIDC token for SSO to Windows-based apps, like Dynamics or SharePoint. The app proxy even works on private clouds like AWS.
For all of those web-based apps, PingAccess for Azure AD translates the OIDC token to the header that the application expects for easy SSO! If you have a legacy web access management (WAM) solution, we can even translate the token to the proprietary header their agents expect.
It's always easier to navigate using a map, so we created a whiteboard video to explain exactly how it works. The best part is that it's all configurable and available directly through the Azure AD portal. And to get you to the cloud even faster, your first 20 apps for web single sign-on are free.
When you bring Ping and Microsoft along for the ride, you get the full advantage of Azure AD, while still enjoying secure one-click access to all of your SaaS, on-premises and private cloud applications. Leave no app behind as you continue your journey to the cloud.
To learn more, read the white paper "Connect More Apps to Azure AD with PingAccess," or come see us at Microsoft Ignite, September 25-29, at booth 1349.