AADAP azure AD authentication with pass through

Iron Contributor



i've got some apps that need publishing for a customer, they have their own authentication form, and the customer wants the users to hit said authentication form.


handily, password based authentication seems to work for these apps, which is handy, right up until the point where the customer wants the users to hit the sign in form for the web app.


the kicker comes with wanting to front end this with Azure AD sign in, so an intentional double authentication.


can this be done?


litterally you go to the published URL, sign in via Azure AD auth (or maybe auth'd by SSO if already authenticated) and then you hit the sign in page for the app.


currently this is published via TMG with the above behaviour and we are trying to rock the boat with end users as little as possible, at least until these apps can be updated to use Azure AD auth


1 Reply

Hi Peter


not sure i understand.


Azure AD Application proxy can use passthru (the app on prem validates, but you are still protected from certian attacks) or you can enforce validation from 365 prior to redirections to you onprem app, and then you can introduce som SSO for the application.


Hope that helps