Azure AD app registration

testuser7 271 Reputation points
2022-11-27T15:45:48.157+00:00

Hello,

If I have registered an app on the portal, we know that we WILL NOT find the SSO blade for such an app under the "Enterprise Application" blade.

Is this app natively ready to do SAML-based SSO?
Of course, I need to take the help of the Graph API if I want to do any customization of claims in the SAML token. That is not very critical, though.

The important point is: can registered apps be SAML apps, or must they be only OAuth apps?

Thanks.

Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

2 answers

  1. JimmySalian-2011 41,926 Reputation points
    2022-11-27T18:50:53.037+00:00

    Hi Testuser,

    Basically, you can follow the detailed guidance and steps to integrate your applications in AAD, five-steps-to-full-application-integration-with-azure-ad; this will set up the base layer for your app in the tenant and will give you a framework.

    Regarding the protocols, I suggest you review the scenarios for the app and decide on the approach that is recommended here.

    SAML is basically used when you need to provide SSO, and OAuth is used when you have rich-client and modern app scenarios and RESTful web API access. So it depends on the requirements and your scenarios.
    auth-oauth2

    Hope this helps.
    JS

    ==
    Please Accept the answer if the information helped you. This will help us and others in the community as well.


  2. 2022-11-29T16:35:12.03+00:00

    Hello @testuser7 and thanks for reaching out. Azure AD app registrations are meant to support OAuth2 and OIDC while applications created as enterprise apps are meant to support SAML. That being said, you can do OAuth2 and SAML in some applications. In fact, I'm doing it right now using the Azure AD SAML Toolkit app, but keep in mind there's no specific documentation for the latter scenario and thus there is no (specific) support for it. However, nothing stops you from trying :)

    Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.