SOLVED

Azure AD SSO

Brass Contributor

I am using ADFS with Office 365 and few other SaaS apps (ServiceNow, Concur and 16 other apps). we want to use Azure AD SSO for some apps. I have made to an application and configured Azure AD SSO and the app works from My Apps in Azure portal. The app does not work when the application URL is used, I am routed to Azure and after I enter the credentials I am routed to ADFS. The relying party for the application is disabled in ADFS.

 

I should be able to switch over some apps to Azure AD SSO right? Do I have to switch Office 365 to synchronized or pass through authentication?

2 Replies
best response confirmed by LM (Brass Contributor)
Solution
To use AD FS you have to set at least one of your domains to be federated. That means any authentication being done via Azure AD will use AD FS for the authentication point - regardless if it's a non-Office 365 service.
So you can't have a mix of apps, with some using SSO and others not. You can only have it that some domains use AD FS and some don't.

Hi,

This was my experience with it, you need Windows 10 1607+ and a group policy set for Azure AD Computers https://www.adamfowlerit.com/2017/04/zero-click-single-sign-without-adfs/

 

And as Loryan says, it's a global thing. You can't mix it up 🙂

1 best response

Accepted Solutions
best response confirmed by LM (Brass Contributor)
Solution
To use AD FS you have to set at least one of your domains to be federated. That means any authentication being done via Azure AD will use AD FS for the authentication point - regardless if it's a non-Office 365 service.
So you can't have a mix of apps, with some using SSO and others not. You can only have it that some domains use AD FS and some don't.

View solution in original post