Home

Howdy folks,

 

Today, I have the privilege to tell you about the public preview of two new features for Azure AD Application Proxy that make it even easier to provide secure remote access to on-premises applications:

  • Support for SAML single sign-on (SSO)
  • Support for finer grained management of application cookies

Support for more apps with Azure AD Application Proxy 1.png

 

SAML SSO support

The public preview for SAML SSO support with Application Proxy is now available.

 

Whether you already have an on-premises SAML application that's ready to publish or are looking to modernize your application’s authentication protocol, you now have an easy way to provide external access and SSO to your application.

 

Setting up SAML SSO with your on-premises application uses the same standard pattern as setting up SAML SSO for your cloud applications. The application must be using SAML authentication with Azure AD as the identity provider. You can also use this with the recently released preview for SAML token encryption. To learn more about configuring SAML SSO with Application Proxy see our documentation.

 

Support for more apps with Azure AD Application Proxy 2.png

 

Application cookie settings

To help meet your security and compliance requirements, the following settings for Application Proxy access and session cookies are now available:

 

  • Use HTTP-Only Cookie—Protects cookies against actions like copying or modifying the cookies from client-side scripting.
  • Use Secure Cookie—Ensures cookies are only transmitted over TLS secure channels to prevent cookies from being observed by unauthorized parties.
  • Use Persistent Cookie—Sets the access cookie to not expire when the web browser is closed and persists for the lifetime of the access token.

For full details and recommendations about these cookie settings, see Cookie settings for accessing on-premises applications in Azure AD.

 

Support for more apps with Azure AD Application Proxy 3.png

 

As always, we'd love to receive any suggestions or feedback you have, so please comment below or on the Azure AD feedback forum.

 

Best Regards, 

 

Alex Simons (@Alex_A_Simons)

Corporate VP of Program Management

Microsoft Identity Division

2 Comments
Occasional Visitor

Will the persistent cookie allow for rdcb to be proxied via app proxy?

Microsoft

Hi Cyphel,

The persistent cookie flag only ensures that the session cookies don't expire when the browser session is closed. If you are looking for more information around RDS scenarios see our documentation here.