Azure hosted application. OAuth/SAML, ADFS, Sharepoint

    Question

  • Hi All,

    Sorry if this is the wrong location to be raising this.

    Currently we have an application/service that is currently hosted within Azure AD. The service is primarily used to configure a custom application that provides access to Sharepoint content.

    The desired steps would be for a user to open the custom app and for it to present a web auth dialog that is hosted on the Azure application. At the Auth prompt, the user should enter their email address, at which point it recognizes the domain name and redirects to an ADFS server for authentication (local to their company). Once authenticated, we then want for the application to connect to an on-prem Sharepoint farm and for it to authenticate the user without having to retype their credentials (SSO). Either use OAuth/SAML/WS-Fed.

    Does anyone have any ideas on the best way to achieve this?

    Thursday, February 16, 2017 4:55 AM

All replies

  • I am uncertain what you mean by "my application is hosted on Azure AD". Azure AD doesn't host applications. Your application can trust Azure AD though. Is that what you mean?

    If so, the redirection to your ADFS for authentication is possible. You have to declare your Azure AD domain as federated (as opposed to managed). When you do that, you will have to give the information about your ADFS deployment (URLs, endpoints, certificates, etc... usually we use the FederationMetadata.xml file of your ADFS farm as it contains everything we need). And it also requires you to create a Relying Party trust for your Azure AD in ADFS. If you want more details on the steps, I recommend one of the following two forums:

    • Active Directory Federation Services (ADFS) https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=ADFS
    • Azure Active Directory (Azure AD) https://social.msdn.microsoft.com/Forums/windowsserver/en-US/home?forum=WindowsAzureAD


    Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.

    Thursday, February 16, 2017 3:13 PM
  • Hi,

    Just checking in to see if the information provided was helpful. Please let us know if you would like further assistance.

    Best Regards,

    Alvin Wang


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, February 27, 2017 5:33 AM
    Moderator