Share via

Configuration options for Azure AD Application Proxy to embed authenticated user in cookie

Kaustav Bose 25 Reputation points
2023-07-14T13:51:31+00:00

We are planning to use Azure AD's Application Proxy functionality to access a set of on-prem applications.

These apps require the authenticated user (in Azure AD) to be included as a session cookie. The backend on-prem application extracts the userid and queries it against a database to pull other authorization related attributes.

What configuration options do I need to use?

I was thinking of Header-based SSO, but would like someone to validate it or suggest a more accurate option.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,317 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Akshay-MSFT 17,931 Reputation points Microsoft Employee
    2023-07-18T11:02:20.7333333+00:00

    @Kaustav Bose

    Thank you for posting your query on Microsoft Q&A. Based on above description seems like you are looking for advisory on what SSO flow would be better while using Azure application proxy to access an on prem application.

    Please do correct me if this is not the case by responding in the comments section.

    • Since your backed application is configured to extract the required attributes, Header-based SSO is most suitable for the ask.
    • This the is only SSO flow supporting Header-based integration where Application Proxy does the SSO integration with Azure AD and then passes identity or other application data as HTTP headers to the application.

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.