question

AitYounes avatar image
0 Votes"
AitYounes asked AitYounes answered

Federation for a partial population

Greetings,

I want to know if it is possible to federate the authentication of a partial population that resides on AzureAD, using an external Identity Provider (PingFederate, Okta, ..)

The goal is to test this federation on a pilot population just on AzureAD production, before expanding it to the entire population.

Thank you in advance,

adfsazure-ad-identity-governance
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DillonJS avatar image
0 Votes"
DillonJS answered DillonJS edited

Hi @AitYounes

To answer your question: Yes.

When you are creating an enterprise application (for external Identity Providers) you will be able to manage who can use the app by assigning users or groups to the application.

226248-image.png

Make Azure Active Directory an identity provider (with Okta as example)

https://help.okta.com/en-us/Content/Topics/Provisioning/azure/azure-identify-identity-provider.htm#:~:text=Sign%20in%20to%20the%20Microsoft,left%20menu%20and%20click%20SAML.

After adding Okta as an Azure AD Enterprise Application, assign certain users or groups (population) to the app and only they will be able to use Azure AD SSO.



If this is helpful please mark as correct answer.


image.png (16.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AitYounes avatar image
0 Votes"
AitYounes answered

Hello DillonJS,

Thank you for your answer.

I actually want to know if we can delegate the entire authentication to the 3rd party IDP (for that limited population at first), so that access to the applications and services (Office365, Outlook, ..) will be automatically assigned to it.

Regards,

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.