How to create an app that automates SSO configuration and publish it in App gallery?

Mateusz Stebnicki 21 Reputation points
2020-05-13T12:45:43.717+00:00

Hi all,

I’m fairly new to the Azure ecosystem and constantly learning new things about its architecture, so please forgive me if I’m using incorrect terminology.

Our company offers a SAML-based SSO and Azure is one of the Identity Providers we support.

Currently, we ask our customers to register a non-gallery enterprise app in their Azure AD Directory and to configure SSO manually. This involves uploading the encryption certificate that we provide, as well as setting SAML endpoints and attribute mappings correctly. Since it’s a multi-step process, it’s very prone to human error and we’re looking for ways to make it simpler, faster and less painful.

Ideally, we’d want to pre-package as much of this configuration as possible and make it available for the clients with Azure AD - for reference, OneLogin’s App catalog or Okta’s Okta Integration Network (OIN) serve a similar purpose.

If I understand correctly, Azure has Microsoft Azure Marketplace that would be suitable for the task - we’d be showing our app in the app gallery.

We registered as partners in Microsoft Partner Center and created an offer with a Solution Template plan, as only the tenant should have access to the app.

In the Technical configuration section of the offer, we need to provide an ARM template JSON file as well as UI configuration. I tried crafting an appropriate ARM template that would create an App registration with SSO configuration, but without luck. Then I stumbled upon this feature request and realised our intended approach might not work, as ARM templates don’t support creation of App registrations.

Is our approach described above viable?
If so, I’d appreciate any advice on how to do it.
If not, what are the alternatives?

Stay healthy and safe!


Accepted answer
  1. Jeevan Desarda 91 Reputation points Microsoft Employee
    2020-05-14T18:44:22.543+00:00

    Thanks for elaborating your scenario here. We would like to have your application listed in the Azure AD App Gallery. Consider this as equivalent to OneLogin's app catalog or OIN. This will help our mutual customers to easily add the app from the App gallery (all the gallery apps are certified by Microsoft), and then it will provide all the default values like URLs, claims, etc. That way our customers only have to do minimum configuration.

    Our process for listing the application in the gallery is available here: https://aka.ms/AzureADAppRequest. I own this program in the product group, so feel free to reach out to us if you have more questions using this email alias: SaaSApplicationIntegrations@abdou .microsoft.com

    Note that we are not part of Partner Center yet but we have our own process of listing the applications in the Azure AD app gallery.

    Thanks,

    Jeevan Desarda

    2 people found this answer helpful.