Forum Discussion

Andrew Colombino's avatar
Andrew Colombino
Brass Contributor
Dec 03, 2018

Can we use Azure AD for SSO to SaaS applications if we already use ADFS for SSO to Azure/O365?

Some background: our organization uses ADFS for SSO to Office 365. Naturally, we sync our AD to Azure AD to make that happen, but we do not sync passwords or anything like that. We're stuck using ADF...
  • StevenC365's avatar
    StevenC365
    Dec 04, 2018

    Andrew Colombino generally most apps that support federation with ADFS would also support federation with AzureAD. In your case AzureAD would pass the authentication events down to your federated AzureAD providing the same login experience as you get with Office 365 etc.

     

    I agree with your point about better preparing yourself to go without ADFS in the future. These days new clients use simpler tools like Password Hash Sync or Pass Through Authentication, it's easier to provide a highly reliable service and authentication is typically the most important service.

     

    You would also be allowing these apps to use the more sophisticated security controls available as part of AzureAD. Condition Access, Multi-Factor Authentication, Identity Protection, MCAS etc.

Resources