{"id":6616426,"date":"2022-09-27T12:47:37","date_gmt":"2022-09-27T12:47:37","guid":{"rendered":"https:\/\/www.openathens.net\/?p=6616426"},"modified":"2024-03-19T10:53:04","modified_gmt":"2024-03-19T10:53:04","slug":"microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation","status":"publish","type":"post","link":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/","title":{"rendered":"Microsoft Azure AD as an identity provider in an identity federation"},"content":{"rendered":"
\n

We outline the key reasons that make it tricky to use Microsoft Azure AD as an identity provider in an identity federation and some of the solutions.<\/strong><\/h2>\n<\/div>\n\n
\n

The short answer is \u2018no\u2019 for most identity federations: Microsoft Azure AD (renamed Microsoft Entra ID in 2023) cannot be registered directly as a federation identity provider. There are, however, ways to keep Azure AD as your primary identity provider and still give your users federated access to resources.<\/p>\n<\/div>\n\n

\n

Single sign-on systems such as Microsoft Azure AD handle bilateral (one-to-one) SAML connections with individual service providers well. So why can\u2019t they be used as an organization\u2019s default identity provider in an identity federation?<\/p>\n<\/div>\n\n

\n

Some identity federations require registering organizations (i.e. your institution) to own, or have permission to use, the domain that appears in the entityID. Azure AD entityIDs are in the windows.net domain (they take the form https:\/\/sts.windows.net\/{tenant-id}\/ and cannot be changed), so you would need Microsoft\u2019s permission to register an identity provider under their domain name.<\/p>\n<\/div>\n\n

\n

Technical considerations<\/h3>\n<\/div>\n\n
\n

Azure AD only supports bilateral SAML connections<\/a>: every service provider has to be registered in your tenant as a separate enterprise application, and every service provider has to register your tenant in turn. With hundreds of resources in a federation, that does not scale for federated single sign-on.<\/p>\n<\/div>\n\n

\n

There are also interoperability issues<\/a> with:<\/p>\n<\/div>\n\n

\n
    \n
  1. Connectivity. <\/em><\/strong>Azure AD cannot consume multilateral federation metadata, the signed aggregate that describes every identity provider and service provider in the federation, so connections cannot be picked up from it automatically.<\/li>\n\n\n\n
  2. Access.<\/em> <\/strong>Azure AD does not support privacy-preserving attributes, e.g. eduPersonUniqueId<\/a>. Some vendors also still require identity providers to release the deprecated eduPersonTargetedID<\/a><\/ins> (superseded by the SAML pairwise-id attribute), which Azure AD does not support either.<\/li>\n\n\n\n
  3. Security.<\/em><\/strong>Azure AD does not encrypt SAML assertions or verify signatures on incoming authentication requests by default.<\/li>\n\n\n\n
  4. Potential vendor lock-in.<\/em><\/strong>Microsoft does not allow you to configure the entityID, so the identifier by which every service provider knows your organization is tied to Microsoft\u2019s domain rather than your own.<\/li>\n<\/ol>\n<\/div>\n\n
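The checks a federation operator applies to an identity provider are easy to see in code. The example below is added here and is not OpenAthens, Shibboleth or Microsoft code: it parses a constructed multilateral metadata aggregate, applies the domain-ownership rule discussed above to the entityID, confirms the entity is an identity provider that publishes a signing key, and lists the service providers a bilateral-only identity provider would have to configure one by one (items 1 and 4). The tenant ID, hostnames, domains and certificate values are placeholders.

```python
# Added example, not OpenAthens, Shibboleth or Microsoft code: the checks a
# federation operator applies to an identity provider found in the federation's
# multilateral metadata aggregate. The aggregate below is constructed for this
# example; the tenant ID, hostnames and certificate values are placeholders.
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
SAML2 = "urn:oasis:names:tc:SAML:2.0:protocol"

# Azure AD tenants publish their SAML entityID as https://sts.windows.net/<tenant-id>/;
# the tenant ID used here is a placeholder.
AZURE_ENTITY_ID = "https://sts.windows.net/00000000-1111-2222-3333-444444444444/"
LOCAL_IDP_ENTITY_ID = "https://idp.example.edu/idp/shibboleth"

# Constructed aggregate: the Azure AD tenant, an institutional IdP and one SP.
FEDERATION_METADATA = f"""<EntitiesDescriptor xmlns="{MD}" xmlns:ds="{DS}" Name="urn:example:federation">
  <EntityDescriptor entityID="{AZURE_ENTITY_ID}">
    <IDPSSODescriptor protocolSupportEnumeration="{SAML2}">
      <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.microsoftonline.com/00000000-1111-2222-3333-444444444444/saml2"/>
    </IDPSSODescriptor>
  </EntityDescriptor>
  <EntityDescriptor entityID="{LOCAL_IDP_ENTITY_ID}">
    <IDPSSODescriptor protocolSupportEnumeration="{SAML2}">
      <KeyDescriptor><ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor>
      <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.example.edu/idp/profile/SAML2/Redirect/SSO"/>
    </IDPSSODescriptor>
  </EntityDescriptor>
  <EntityDescriptor entityID="https://sp.publisher.example/shibboleth">
    <SPSSODescriptor protocolSupportEnumeration="{SAML2}">
      <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.publisher.example/Shibboleth.sso/SAML2/POST" index="0"/>
    </SPSSODescriptor>
  </EntityDescriptor>
</EntitiesDescriptor>
"""


def entity_id_host(entity_id: str) -> str:
    """Host part of a URL-form entityID (empty string for URN-form entityIDs)."""
    return (urlparse(entity_id).hostname or "").lower()


def under_registered_domain(entity_id: str, registered_domains) -> bool:
    """True if the entityID host is one of the organization's registered
    domains or a subdomain of one: the ownership rule described in the text."""
    host = entity_id_host(entity_id)
    domains = [d.lower() for d in registered_domains]
    return any(host == d or host.endswith("." + d) for d in domains)


def signing_keys(idp_descriptor) -> int:
    """Number of KeyDescriptors usable for signing. A KeyDescriptor without a
    'use' attribute may be used for both signing and encryption."""
    return sum(1 for kd in idp_descriptor.findall(f"{{{MD}}}KeyDescriptor")
               if kd.get("use") in (None, "signing"))


def service_providers(metadata_xml: str) -> list:
    """entityIDs of every SP in the aggregate: the list a bilateral-only IdP
    would have to configure by hand, one enterprise application each."""
    root = ET.fromstring(metadata_xml)
    return [ed.get("entityID") for ed in root.iter(f"{{{MD}}}EntityDescriptor")
            if ed.find(f"{{{MD}}}SPSSODescriptor") is not None]


def check_idp(metadata_xml: str, entity_id: str, registered_domains) -> list:
    """Policy findings for one IdP in the aggregate; an empty list means it passes."""
    root = ET.fromstring(metadata_xml)
    entity = next((ed for ed in root.iter(f"{{{MD}}}EntityDescriptor")
                   if ed.get("entityID") == entity_id), None)
    if entity is None:
        return [f"entityID {entity_id} is not present in the federation aggregate"]
    findings = []
    if not under_registered_domain(entity_id, registered_domains):
        findings.append(f"entityID host '{entity_id_host(entity_id)}' is not under a domain "
                        "registered to the organization")
    idp = entity.find(f"{{{MD}}}IDPSSODescriptor")
    if idp is None:
        findings.append("no IDPSSODescriptor: this entity is not an identity provider")
    elif signing_keys(idp) == 0:
        findings.append("no signing key published: service providers cannot verify its assertions")
    return findings


if __name__ == "__main__":
    for eid in (AZURE_ENTITY_ID, LOCAL_IDP_ENTITY_ID):
        print(eid, check_idp(FEDERATION_METADATA, eid, ["example.edu"]) or "OK")
    print("service providers to connect:", service_providers(FEDERATION_METADATA))
```

Run against an institution whose registered domain is example.edu, the Azure AD tenant fails only on the domain rule (its host is sts.windows.net), while the institution's own identity provider passes; the service-provider list is what the tenant would otherwise have to be connected to one application at a time.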
    \n

    User considerations<\/h3>\n<\/div>\n\n
    \n

    Personally Identifiable Information (PII) such as the user\u2019s name and email address is released by default, but you can turn this off in the claims configuration for each application.<\/p>\n<\/div>\n\n

    \n

    How to connect your Azure directory to an identity federation<\/h3>\n<\/div>\n\n
    \n

    The simple solution<\/a> to using your existing Azure AD is to place a SAML Identity Provider proxy in front of it, such as the OpenAthens hosted Identity Provider service<\/a>, your own Shibboleth Identity Provider<\/a> or another proxy service. The proxy is what the federation sees: it carries your organization\u2019s entityID, consumes the federation metadata and releases the attributes the federation expects, while your users still authenticate once against Azure AD. This gives your end users a full single sign-on experience.<\/p>\n<\/div>\n\n
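What the proxy does with the claims it gets back from Azure AD is the part that resolves the Access and PII points above. The example below is added here and is not OpenAthens, Shibboleth or Microsoft code: it derives a stable, per-service-provider pairwise-id from the immutable Azure AD object identifier with a keyed hash, and releases name and email only to service providers on an allowlist. The claim values, scope, salt and release policy are constructed assumptions for this example; the Azure AD claim URIs are the ones in its default SAML token.

```python
# Added example, not OpenAthens, Shibboleth or Microsoft code: what an IdP
# proxy does with the claims it receives from Azure AD before it answers a
# federation service provider. The claim set, scope, salt and release policy
# below are constructed assumptions for this example.
import hashlib
import hmac

# Claim URIs Azure AD uses in its default SAML token.
OBJECT_ID = "http://schemas.microsoft.com/identity/claims/objectidentifier"
UPN_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name"
MAIL_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
GIVEN_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
SURNAME_CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"

# Federation-side attribute names (SAML2 URI name format).
PAIRWISE_ID = "urn:oasis:names:tc:SAML:attribute:pairwise-id"
SCOPED_AFFILIATION = "urn:oid:1.3.6.1.4.1.5923.1.1.1.9"   # eduPersonScopedAffiliation
MAIL = "urn:oid:0.9.2342.19200300.100.1.3"
GIVEN_NAME = "urn:oid:2.5.4.42"
SN = "urn:oid:2.5.4.4"
PII = {MAIL_CLAIM: MAIL, GIVEN_CLAIM: GIVEN_NAME, SURNAME_CLAIM: SN}

SCOPE = "example.edu"                                        # the proxy's scope (assumed)
SALT = b"replace-with-a-long-random-per-deployment-secret"   # assumed; keep it secret

# Constructed claims as the proxy would see them after a user signs in to Azure AD.
SAMPLE_CLAIMS = {
    OBJECT_ID: "7c2e0b52-3d1c-4c0e-9a8f-2f9e4d6b1a11",
    UPN_CLAIM: "alice@example.edu",
    MAIL_CLAIM: "alice@example.edu",
    GIVEN_CLAIM: "Alice",
    SURNAME_CLAIM: "Example",
}


def pairwise_id(object_id: str, sp_entity_id: str, salt: bytes = SALT, scope: str = SCOPE) -> str:
    """Opaque, stable, per-SP identifier in pairwise-id form (<unique>@<scope>).
    It is keyed on the immutable Azure AD objectId rather than the UPN or email,
    so renaming the user does not change it, and the SP's entityID is mixed in
    so two SPs cannot correlate a user without the proxy's salt."""
    msg = f"{sp_entity_id.lower()}!{object_id.lower()}".encode()
    unique = hmac.new(salt, msg, hashlib.sha256).hexdigest()[:32]
    return f"{unique}@{scope}"


def release_attributes(azure_claims: dict, sp_entity_id: str, pii_allowlist=frozenset()) -> dict:
    """Attribute set for one SP. Every SP gets a pairwise-id and a scoped
    affiliation; name and email are released only to SPs on the allowlist.
    The fixed 'member' affiliation is an assumption: a real proxy derives it
    from group membership or directory attributes."""
    attrs = {
        PAIRWISE_ID: pairwise_id(azure_claims[OBJECT_ID], sp_entity_id),
        SCOPED_AFFILIATION: f"member@{SCOPE}",
    }
    if sp_entity_id in pii_allowlist:
        for claim, saml_name in PII.items():
            if claim in azure_claims:
                attrs[saml_name] = azure_claims[claim]
    return attrs


if __name__ == "__main__":
    sp = "https://sp.publisher.example/shibboleth"
    print("default release:", release_attributes(SAMPLE_CLAIMS, sp))
    print("allowlisted SP:", release_attributes(SAMPLE_CLAIMS, sp, {sp}))
```

The UPN and objectId never leave the proxy; the same user presents a different identifier to each service provider, the identifier does not change when the user is renamed, and PII is an explicit per-provider decision rather than the default.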

    \n

    Many institutions have successfully integrated Azure with an Identity Provider proxy. Given the powerful service that Microsoft systems enable, why not use what you\u2019ve got already and add capability for federated single sign-on?<\/p>\n<\/div>\n\n

    \n

    Other stuff you can integrate with<\/h3>\n<\/div>\n\n
    \n

    Identity Provider proxies do more than just integrate with user directories. They can connect with a wide range of other library and institutional systems<\/a>. These include inter-library loan services, discovery services and learning environments.<\/p>\n<\/div>\n\n

    \n

    Connecting all your institutional services to an Identity Provider proxy leads to a more seamless user experience and frees up time that would otherwise be spent on workarounds and resetting user accounts.<\/p>\n<\/div>\n\n

    \n

    We take the time to get to know you and your requirements so we can support every aspect of user access to your resources and services. We\u2019ll work closely with your team, resource providers and other third parties to ensure a smooth integration process.<\/p>\n<\/div>\n\n

    \n

    More information<\/h3>\n<\/div>\n\n
    \n

    Go to our docs<\/a> to find out how to configure Microsoft Azure AD as an authentication provider for OpenAthens.<\/p>\n<\/div>\n\n

    \n

    Need some help?<\/h3>\n<\/div>\n\n
    \n

    For a small fee, our team<\/a> can help you set up your local directory integration. We’re there every step of the way! <\/p>\n<\/div>\n\n

    \n\t

    Find out more about the library systems OpenAthens integrates with<\/h2>\n\t
    <\/div>\n\t\t\t\n\t\tWhich library systems do we integrate with? \n\t<\/a>\n\t\t<\/article>\n\t<\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"

    We outline the key reasons that make it tricky to use Microsoft Azure AD as an identity provider in an identity federation and some of the solutions. The short answer is \u2018no\u2019 for most identity federations, but there are solutions to use Azure as your primary identity provider for federated access to resources. Single sign-on …<\/p>\n","protected":false},"author":6,"featured_media":6628351,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"audience":[118,10],"content-type":[54],"topic":[76,77],"acf":[],"yoast_head":"\nMicrosoft Azure AD as an identity provider in an identity federation - OpenAthens<\/title>\n<meta name=\"description\" content=\"Microsoft Azure AD integration is easy! Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to use your Microsoft Azure AD as an identity provider in an identity federation\" \/>\n<meta property=\"og:description\" content=\"Microsoft Azure AD integration is easy! 
Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\" \/>\n<meta property=\"og:site_name\" content=\"OpenAthens\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-27T12:47:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-19T10:53:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"1280\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"janecharlton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"How to use your Microsoft Azure AD as an identity provider in an identity federation\" \/>\n<meta name=\"twitter:description\" content=\"Microsoft Azure AD integration is easy! Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"janecharlton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\"},\"author\":{\"name\":\"janecharlton\",\"@id\":\"https:\/\/www.openathens.net\/#\/schema\/person\/526eefd3b2c3d389a1d491d99b881a52\"},\"headline\":\"Microsoft Azure AD as an identity provider in an identity federation\",\"datePublished\":\"2022-09-27T12:47:37+00:00\",\"dateModified\":\"2024-03-19T10:53:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\"},\"wordCount\":488,\"publisher\":{\"@id\":\"https:\/\/www.openathens.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg\",\"articleSection\":[\"Blog\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\",\"url\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\",\"name\":\"Microsoft Azure AD as an identity provider in an identity federation - 
OpenAthens\",\"isPartOf\":{\"@id\":\"https:\/\/www.openathens.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg\",\"datePublished\":\"2022-09-27T12:47:37+00:00\",\"dateModified\":\"2024-03-19T10:53:04+00:00\",\"description\":\"Microsoft Azure AD integration is easy! Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage\",\"url\":\"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg\",\"contentUrl\":\"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg\",\"width\":1920,\"height\":1280,\"caption\":\"thisisengineering-raeng-yhCHx8Mc-Kc-unsplash\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.openathens.net\/#website\",\"url\":\"https:\/\/www.openathens.net\/\",\"name\":\"OpenAthens\",\"description\":\"Remote access made simple\",\"publisher\":{\"@id\":\"https:\/\/www.openathens.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.openathens.net\/?s={search_term_string}\"},\"query-input\":\"required 
name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.openathens.net\/#organization\",\"name\":\"OpenAthens\",\"url\":\"https:\/\/www.openathens.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.openathens.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.openathens.net\/app\/uploads\/2022\/08\/OA_PRIMARY-LOGO_RGB_-BLUE.png\",\"contentUrl\":\"https:\/\/www.openathens.net\/app\/uploads\/2022\/08\/OA_PRIMARY-LOGO_RGB_-BLUE.png\",\"width\":500,\"height\":164,\"caption\":\"OpenAthens\"},\"image\":{\"@id\":\"https:\/\/www.openathens.net\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.openathens.net\/#\/schema\/person\/526eefd3b2c3d389a1d491d99b881a52\",\"name\":\"janecharlton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.openathens.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/37f0066826f7d20549c4adcb35d6c2e2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/37f0066826f7d20549c4adcb35d6c2e2?s=96&d=mm&r=g\",\"caption\":\"janecharlton\"},\"url\":\"https:\/\/www.openathens.net\/author\/janecharlton\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Azure AD as an identity provider in an identity federation - OpenAthens","description":"Microsoft Azure AD integration is easy! 
Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/","og_locale":"en_US","og_type":"article","og_title":"How to use your Microsoft Azure AD as an identity provider in an identity federation","og_description":"Microsoft Azure AD integration is easy! Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.","og_url":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/","og_site_name":"OpenAthens","article_published_time":"2022-09-27T12:47:37+00:00","article_modified_time":"2024-03-19T10:53:04+00:00","og_image":[{"width":1920,"height":1280,"url":"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg","type":"image\/jpeg"}],"author":"janecharlton","twitter_card":"summary_large_image","twitter_title":"How to use your Microsoft Azure AD as an identity provider in an identity federation","twitter_description":"Microsoft Azure AD integration is easy! Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.","twitter_image":"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg","twitter_misc":{"Written by":"janecharlton","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#article","isPartOf":{"@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/"},"author":{"name":"janecharlton","@id":"https:\/\/www.openathens.net\/#\/schema\/person\/526eefd3b2c3d389a1d491d99b881a52"},"headline":"Microsoft Azure AD as an identity provider in an identity federation","datePublished":"2022-09-27T12:47:37+00:00","dateModified":"2024-03-19T10:53:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/"},"wordCount":488,"publisher":{"@id":"https:\/\/www.openathens.net\/#organization"},"image":{"@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg","articleSection":["Blog"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/","url":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/","name":"Microsoft Azure AD as an identity provider in an identity federation - 
OpenAthens","isPartOf":{"@id":"https:\/\/www.openathens.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage"},"image":{"@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage"},"thumbnailUrl":"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg","datePublished":"2022-09-27T12:47:37+00:00","dateModified":"2024-03-19T10:53:04+00:00","description":"Microsoft Azure AD integration is easy! Simply use your existing Azure AD to connect with a SAML Identity Provider proxy such as OpenAthens.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.openathens.net\/blog\/microsoft-azure-ad-as-our-identity-provider-in-an-identity-federation\/#primaryimage","url":"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg","contentUrl":"https:\/\/www.openathens.net\/app\/uploads\/2022\/09\/thisisengineering-raeng-yhCHx8Mc-Kc-unsplash.jpg","width":1920,"height":1280,"caption":"thisisengineering-raeng-yhCHx8Mc-Kc-unsplash"},{"@type":"WebSite","@id":"https:\/\/www.openathens.net\/#website","url":"https:\/\/www.openathens.net\/","name":"OpenAthens","description":"Remote access made simple","publisher":{"@id":"https:\/\/www.openathens.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.openathens.net\/?s={search_term_string}"},"query-input":"required 
name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.openathens.net\/#organization","name":"OpenAthens","url":"https:\/\/www.openathens.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.openathens.net\/#\/schema\/logo\/image\/","url":"https:\/\/www.openathens.net\/app\/uploads\/2022\/08\/OA_PRIMARY-LOGO_RGB_-BLUE.png","contentUrl":"https:\/\/www.openathens.net\/app\/uploads\/2022\/08\/OA_PRIMARY-LOGO_RGB_-BLUE.png","width":500,"height":164,"caption":"OpenAthens"},"image":{"@id":"https:\/\/www.openathens.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.openathens.net\/#\/schema\/person\/526eefd3b2c3d389a1d491d99b881a52","name":"janecharlton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.openathens.net\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/37f0066826f7d20549c4adcb35d6c2e2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/37f0066826f7d20549c4adcb35d6c2e2?s=96&d=mm&r=g","caption":"janecharlton"},"url":"https:\/\/www.openathens.net\/author\/janecharlton\/"}]}},"_links":{"self":[{"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/posts\/6616426"}],"collection":[{"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/comments?post=6616426"}],"version-history":[{"count":26,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/posts\/6616426\/revisions"}],"predecessor-version":[{"id":8487632,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/posts\/6616426\/revisions\/8487632"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/media\/6628351"}],"wp:attachment":[{"href":"https:\/\/www.o
penathens.net\/wp-json\/wp\/v2\/media?parent=6616426"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/categories?post=6616426"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/tags?post=6616426"},{"taxonomy":"audience","embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/audience?post=6616426"},{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/content-type?post=6616426"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.openathens.net\/wp-json\/wp\/v2\/topic?post=6616426"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}