How Azure AD users can access Apollo application hosted in AWS

sounder rajan rajan 0 Reputation points
2024-06-17T22:18:14.2266667+00:00

Apollo Application is deployed on AWS Cloud. It is accessed by Contoso users using their Azure AD credentials. Azure AD is set up and configured on Contoso Azure Tenant.

We need a solution to change the Contoso Azure AD from Auth Tailspin Azure AD. Tailspin Azure AD users need to access the Apollo Application. No change in application or location. Let me know if this is possible or not?

If it's possible, please provide me the step-by-step procedure for how to access it.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

1 answer

  1. Pinaki Ghatak 5,600 Reputation points Microsoft Employee Volunteer Moderator
    2024-06-18T05:40:08.45+00:00

    Hello sounder rajan rajan

    To allow Tailspin Azure AD users to access the Apollo application without changing the application or its location, follow these steps:

    1. Configure Apollo Application as Multi-tenant:
       • In your Azure AD, configure the Apollo Application as a multi-tenant application.
       • This allows users from different Azure AD tenants (including Tailspin) to access the application without being invited as guests.
    2. Update Application Code:
       • Modify the Apollo Application code to validate the issuer and perform authorization using tokens issued by the Contoso tenant.
       • When users from Tailspin access the application and accept the consent prompt, a service principal corresponding to your app will be created in the Tailspin tenant.
       • The Tailspin tenant can then issue tokens for your multi-tenant application.
    3. Test and Monitor:
       • Test the setup thoroughly to ensure seamless access for Tailspin users.
       • Monitor logs and authentication events to troubleshoot any issues.

    Remember that the “Cross-tenant access settings” won’t directly achieve this, but configuring the application as multi-tenant will allow Tailspin users to access the Apollo Application without being guests in your tenant.


    I hope that this response has addressed your query and helped you overcome your challenges. If so, please mark this response as Answered. This will not only acknowledge our efforts, but also assist other community members who may be looking for similar solutions.

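The issuer validation and authorization step mentioned in the answer above can be sketched as follows. This is an added example, not part of the original thread and not the Apollo application's code; it assumes the token signature has already been verified by a JWT library against the Microsoft Entra signing keys, and the tenant IDs, client ID and the helper name `check_tenant_claims` are constructed placeholders.

```python
import time

# Constructed placeholder values; substitute the real tenant and client IDs.
CONTOSO_TID = "11111111-1111-1111-1111-111111111111"
TAILSPIN_TID = "22222222-2222-2222-2222-222222222222"
APOLLO_CLIENT_ID = "33333333-3333-3333-3333-333333333333"
ALLOWED_TENANTS = {CONTOSO_TID, TAILSPIN_TID}

# Issuer formats Microsoft Entra ID uses for v2.0 and v1.0 tokens.
ISSUER_TEMPLATES = (
    "https://login.microsoftonline.com/{tid}/v2.0",
    "https://sts.windows.net/{tid}/",
)


class TokenRejected(Exception):
    """Raised when verified claims fail the multi-tenant checks."""


def check_tenant_claims(claims, allowed_tenants=ALLOWED_TENANTS,
                        audience=APOLLO_CLIENT_ID, now=None):
    """Validate claims of a token whose signature was ALREADY verified."""
    now = time.time() if now is None else now
    tid = str(claims.get("tid", "")).lower()
    # A multi-tenant app accepts sign-ins from any tenant unless it
    # restricts them itself, so check the tenant against an allow-list.
    if tid not in allowed_tenants:
        raise TokenRejected(f"tenant {tid or '<missing>'} is not allow-listed")
    # The issuer must name the same tenant as the tid claim.
    expected = {t.format(tid=tid) for t in ISSUER_TEMPLATES}
    if claims.get("iss") not in expected:
        raise TokenRejected("iss does not match the tid claim")
    # Assumption: the audience is the app's client ID.
    if claims.get("aud") != audience:
        raise TokenRejected("token was issued for a different application")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise TokenRejected("token is expired or has no exp claim")
    # Key authorization on (tenant, object ID): oid is unique only per tenant.
    return (tid, claims.get("oid"))
```

The returned `(tid, oid)` pair is what the application's own authorization table should be keyed on, so a Tailspin user is never confused with a Contoso user.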
