Hi there,
I am new to Azure AD. Please forgive me if this is a naive question (I couldn't find a good answer on google).
We use AD as our single/centralized LDAP for Staff/Employees.
Now, we would like to turn Azure AD into the solo tool we need to manage RBAC and Credentials for all our employees.
Examples:
- Once a new employee is hired, we can go to the AD Admin panel and grand access to this person (add them to a access group)
- If this person leaves the company, we can go to AD Admin and revoke their access.
- If this person changes position/role at the company, it should be a matter of just going to Azure AD and moving them from one group to another.
Now, this seems to be a super typical use case for any company, BUT, like all of them, we have hundreds of different systems that Staff/Employees use daily. These can be SaaS services, In-House Legacy systems, old generation products, MS Excel spreadsheets, etc.
- Most of these systems support AD integration for AUTHENTICATION
- Few of these systems support AD integration for AUTHORIZATION (RBAC).
My question is: is there any add-on or native Azure AD functionality that I could use to integrate the authorization mechanism of those systems with Azure AD authorization? Some low-code tool or a set of preexisting "adapters" for the most commonly used systems? Like Netsuite, Salesforce, ZenDesk, SAP, etc.? What about the legacy and in-house systems?
After having this framework built around Azure AD, the benefits would be:
- Be able to provision and de-provision users in a central system
- Trace all the user access in one place
- Extract data (reports) from a single source of truth
Please, Is that something that can be done in Azure AD, or do I need another tool/service?
Any help would be appreciated.
Thanks