Partner SSO with different user membership

asked 2021-04-17T19:36:10.503+00:00
Frank 1 Reputation point

We want to allow our customers to sign in via SSO (they use Azure AD). After logging in to our site, we would like to be able to redirect our users to a 3rd-party partner to log in under the same credentials that the user used for our site. Let's say that our customer is FooCompany and all their users log in with username@hko .com

However, because of how our partner operates, all users for FooCompany (e.g. user1@hko .com, user2@hko .com, etc.) must use the same user on our partner's site. What is the best way of setting this up using SSO standards?

Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.

1 answer

  1. answered 2021-05-13T14:37:36.417+00:00
    VipulSparsh-MSFT 15,951 Reputation points

    @Frank Thanks for reaching out, and apologies for the delay on this. Choosing an SSO method depends on a lot of other things as well.
    Cloud applications can use OpenID Connect, OAuth, SAML, password-based, linked, or disabled methods for single sign-on.
    On-premises applications can use password-based, Integrated Windows Authentication, header-based, linked, or disabled methods for single sign-on. The on-premises choices work when applications are configured for Application Proxy.

    I want to share a flowchart which can shed some more light on your scenario:

    [Flowchart image: 96338-image.png]

    Let us know if this helps or if you have any questions.

    -----------------------------------------------------------------------------------------------------------------

    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" the answer that helped you, for the benefit of the community.
