Use Microsoft Authenticator for on-premise resources

%3CLINGO-SUB%20id%3D%22lingo-sub-3258541%22%20slang%3D%22en-US%22%3EUse%20Microsoft%20Authenticator%20for%20on-premise%20resources%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3258541%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20have%20an%20on-premise%20hosted%20website%20protected%20with%20a%20Web%20Access%20Management%20solution%20(CA%20SiteMinder)%20which%20authenticates%20users%20on%20a%20local%20AD%20domain.%3C%2FP%3E%3CP%3ENow%20I%20need%20to%20add%20a%20second%20factor%20authentication%20using%20Microsoft%20Authenticator%20app.%3C%2FP%3E%3CP%3EHow%20can%20I%20integrate%20the%20on-premise%26nbsp%3BWeb%20Access%20Management%20solution%20(CA%20SiteMinder)%20with%26nbsp%3BMicrosoft%20Authenticator%3F%26nbsp%3B%3C%2FP%3E%3CP%3EDo%20I%20need%20to%20synchronize%20the%20local%20AD%20domain%20with%20an%20Azure%20tenant%3F%20If%20so%2C%20are%20there%20Azure%20APIs%20to%20be%20called%20by%26nbsp%3BSiteMinder%20to%20send%20the%20push%20to%26nbsp%3BMicrosoft%20Authenticator%20app%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3258541%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAccess%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EActive%20Directory%20(AD)%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAuthentication%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Authenticator%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3258666%22%20slang%3D%22en-US%22%3ERe%3A%20Use%20Microsoft%20Authenticator%20for%20on-premise%20resources%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3258666%22%20slang%3D%22en-US%22%3EHello%2C%20recently%20I%20integrated%20Citrix%20with%20Azure%20MFA%20using%20the%20NPS%20extension%2C%20for%20example%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fchristiaanbrinkhoff.com%2F2017%2F02%2F17%2Fhow-to-configure-azure-mfa-for-citrix-netscaler-gateway-radius-by-using-the-new-nps-extension%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fchristiaanbrinkhoff.com%2F2017%2F02%2F17%2Fhow-to-configure-azure-mfa-for-citrix-netscaler-gateway-radius-by-using-the-new-nps-extension%2F%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fhowto-mfa-nps-extension%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fauthentication%2Fhowto-mfa-nps-extension%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EI%20think%20you%20should%20start%20understanding%20if%20SiteMinder%20can%20act%20as%20a%20RADIUS%20client%3CBR%20%2F%3E%3CBR%20%2F%3EHope%20this%20information%20helps%20you%3C%2FLINGO-BODY%3E
Occasional Visitor

We have an on-premise hosted website protected with a Web Access Management solution (CA SiteMinder) which authenticates users on a local AD domain.

Now I need to add a second factor authentication using Microsoft Authenticator app.

How can I integrate the on-premise Web Access Management solution (CA SiteMinder) with Microsoft Authenticator? 

Do I need to synchronize the local AD domain with an Azure tenant? If so, are there Azure APIs to be called by SiteMinder to send the push to Microsoft Authenticator app?

1 Reply
Hello, recently I integrated Citrix with Azure MFA using the NPS extension, for example

https://christiaanbrinkhoff.com/2017/02/17/how-to-configure-azure-mfa-for-citrix-netscaler-gateway-r...

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension

I think you should start understanding if SiteMinder can act as a RADIUS client

Hope this information helps you