Authentication to AWS homemade application with Azure AD Office 365 / Questions

%3CLINGO-SUB%20id%3D%22lingo-sub-1259892%22%20slang%3D%22fr-FR%22%3EAuthentication%20to%20AWS%20homemade%20application%20with%20Azure%20AD%20Office%20365%20%2F%20Questions%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1259892%22%20slang%3D%22fr-FR%22%3E%3CP%3EHi%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EFirst%2C%3C%2FSTRONG%3Ethank%20you%20for%20welcoming%20me%20into%20the%20community.%20I%20am%20a%20beginner%20to%20Microsoft%20technologies.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3ESecond%3C%2FSTRONG%3E%2C%20let%20me%20explain%20the%20context%3A%3C%2FP%3E%3CP%3E-%20%3CEM%3EMy%20company%20has%20an%20Office%20365%20Business%20Premium%20Account%20(thus%20we%20have%20a%20free%20Azure%20AD%20license%20with%20all%20our%20O365%20users%20inside).%3C%2FEM%3E%3C%2FP%3E%3CP%3E-%20%3CEM%3EWe%20have%20several%20homemade%20applications%20hosted%20at%20AWS%20(which%20we%20use%20with%20Cognito%20SSO%2C%20thus%20fully%20independent%20from%20our%20Azure%20AD%2C%20we%20have%20separate%20accounts%20for%20those%20AWS-hosted%20apps).%3C%2FEM%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EThird%2C%3C%2FSTRONG%3Elet%20me%20explain%20what%20I%20would%20like%20to%20do%20and%20where%20I%20am%20stuck%3A%3C%2FP%3E%3CP%3E-%20Basically%20I%20would%20like%20to%20use%20our%20O365%20Azure%20AD%20to%20authenticate%20our%20internal%20users%20to%20AWS%20apps%20(instead%20of%20using%20SSO%20Cognito).%3C%2FP%3E%3CP%3EQuestion%20%3CEM%3E%3CU%3E1%3A%3C%2FU%3E%3C%2FEM%3EDo%20I%20have%20to%20switch%20to%20Azure%20AD%20P1%20level%20license%20to%20perform%20this%3F%20(%245%2Fuser%2Fmonth%20-%26gt%3B%20hard%20to%20believe%20I%20have%20to%20do%20that%20especially%20I%20want%20my%20customers%20to%20be%20registered%20in%20Azure%20AD)%3C%2FP%3E%3CP%3E-%20%3CU%3E%3CEM%3EQuestion%202%3A%3C%2FEM%3E%3C%2FU%3EI%20would%20like%20to%20mock-up%20Azure%20AD%20with%20AWS%20applications.%20I%20do%20not%20want%20to%20add%20%22test%22%20users%20to%20my%20existing%20corporate%20Azure%20AD%20-%20Can%20I%20create%20an%20%22external%22%20Azure%20AD%20annuary%20with%20my%20MS%20Azure%20account%20(or%20with%20my%20MS%20DevOps%20account)%3F%3C%2FP%3E%3CP%3EQuestion%20%3CU%3E%3CEM%3E3%3A%3C%2FEM%3E%3C%2FU%3E(relates%20to%20question%202)%20how%20to%20create%20another%20Azure%20AD%20instance%20if%20I%20still%20want%20to%20use%20the%20same%20domain%20name%20as%20the%20one%20for%20my%20O365%20Azure%20AD%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMany%20thanks!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ELooks%3C%2FP%3E%3CP%3EFranz%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1259892%22%20slang%3D%22fr-FR%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Frequent Visitor

Hi,

 

First, thank you for welcoming me into the community. I am a beginner to Microsoft technologies.

 

Second, let me explain the context:

- My company has an Office 365 Business Premium Account (thus we have a free Azure AD licence with all our O365 users inside).

- We have several homemade applications hosted at AWS (which we use with Cognito SSO, thus fully independant from our Azure AD, we have separate accounts for those AWS-hosted apps).

 

Third, let me explain what I would like to do and where I am stuck:

- Basically I would like to use our O365 Azure AD to authenticate our internal users to AWS apps (instead of using SSO Cognito).

- Question 1: Do I have to switch to Azure AD P1 level licence to perform this ? (+5$/user/month -> hard to believe I have to do that especially I want my customers to be registered in Azure AD)

- Question 2: I would like to mock-up Azure AD with AWS applications. I do not want to add "test" users to my existing corporate Azure AD - Can I create an "external" (=independant) Azure AD annuary with my MS Azure account (or with my MS DevOps account) ?

- Question 3: (relates to question 2) how to create another Azure AD instance if I still want to use the same domain name as the one for my O365 Azure AD ?

 

Many thanks !

 

Regards,

Franz

0 Replies