Build resilience in application access with Application Proxy

Application Proxy is a feature of Microsoft Entra ID that enables users to access on premises web applications from a remote client. Application Proxy includes the Application Proxy service in the cloud and the Application Proxy connectors that run on an on-premises server.

Users access on premises resources through a URL published via Application Proxy. They're redirected to the Microsoft Entra sign-in page. The Application Proxy service in Microsoft Entra ID then sends a token to the Application Proxy connector in the corporate network that passes the token to the on-premises Active Directory. The authenticated user can then access the on-premises resource. In the diagram below, connectors are shown in a connector group.


When you publish your applications via Application Proxy, you must implement capacity planning and appropriate redundancy for the Application Proxy connectors.

Architecture diagram of Application y)

How do I implement Application Proxy?

To implement remote access with Microsoft Entra application proxy, see the following resources.

Next steps

Resilience resources for administrators and architects

Resilience resources for developers