Implementing Single Sign On using Microsoft Azure

Microsoft Azure logoThis week Microsoft announced that it will be extending Active Directory on the Azure cloud. This is a major selling point for Microsoft Azure.

Azure Active Directory has been around for about a year now. It enables organisations to create large Active Directories (up to around 500,000 users), providing a Single Sign On (SSO) solution based on an enterprise-level Identity Management standard. Azure Active Directory extends a company’s existing Active Directory to offer a single login across applications, for free.

The new Premium offering, now in preview (i.e. beta) phase, supports unlimited users, two factor authentication (including phone calls and text messages), to provide a Single Sign On solution across Azure applications, even non-Microsoft ones. If an organisation creates a custom app on Azure, they can add Active Directory as their own branded SSO system, competing with the likes of Facebook Connect, Twitter, and so on.

Organisations have been requesting these types of systems for a while. At Endava we build and host customers’ websites which have millions of users. Identity Management (IM) systems are usually licensed on a per-user basis, which is unaffordable for clients who offer free user accounts, so in the past we’ve usually built custom solutions for IM. Windows Azure Active Directory Premium offers this as a cloud based Identity Management system on a monthly cost rather than per user.

Many IT professionals predict public cloud offerings as the end of private data centres. Other IT professionals think that public cloud is fine for consumer apps, not enterprise level. I believe it depends on what the enterprise is trying to do that makes public cloud an option or not.

Azure Active Directory, especially the Premium offering, significantly strengthens Microsoft’s public cloud offering for the enterprise and provides an affordable IM solution for all websites.

1 thought on “Implementing Single Sign On using Microsoft Azure

Leave a Reply

Your email address will not be published. Required fields are marked *