Azure AD recommendation: Migrate apps from ADFS to Azure AD

Azure AD recommendations provides you with personalized insights and actionable guidance to align your tenant with recommended best practices.

This article covers the recommendation to migrate apps from Active Directory Federated Services (AD FS) to Azure Active Directory (Azure AD). This recommendation is called adfsAppsMigration in the recommendations API in Microsoft Graph.


As an admin responsible for managing applications, you want your applications to use Azure AD’s security features and maximize their value. This recommendation shows up if your tenant has apps on ADFS that can 100% be migrated to Azure AD.


Using Azure AD gives you granular per-application access controls to secure access to applications. With Azure AD's B2B collaboration, you can increase user productivity. Automated app provisioning automates the user identity lifecycle in cloud SaaS apps such as Dropbox, Salesforce and more.

Action plan

  1. Install Azure AD Connect Health on your AD FS server.
  2. Review the AD FS application activity report to get insights about your AD FS applications.
  3. Read the solution guide for migrating applications to Azure AD.
  4. Migrate applications to Azure AD. For more information, see the article Migrate from federation to cloud authentication.

Guided walkthrough

For a guided walkthrough of many of the recommendations in this article, see the migration guide Migrate from AD FS to Microsoft Azure Active Directory for identity management.

Next steps