Microsoft Azure Active Directory Apps

A new feature in Azure Active Directory (AAD) is ‘Applications’. With this you can give users a single location to sign-in to more than 2100 cloud application. You can even add your own cloud apps. Your users can use this site to access the applications that they have access to: http://myapps.microsoft.com.

There are enterprise apps but also consumer apps like Spotify. To have a single-sign on experience there is client that needs to be installed to make it work. For the Office 365 apps this client is not necessary. With AAD Premium you have the possibility to update the login screen for the user. At the moment that the user goes from the login name field to the password field AAD checks if the user has be redirected to a custom login page (federated users) or can display a custom login page. This way you can give the user a ‘corporate’ login screen. To give this experience wright away the user can add the domain name behind the URL like http://myapps.microsoft.com/worktogether.tech. This way AAD knows the domain where the user wants to login to and displays this custom page

When you add a new app you can assign this to a group of users of to a single user. If you add for example Salesforce, you can even provision the users in Salesforce from AAD. When you assign an application to a user you have the possibility as an administrator to enter the credentials on behalf of the user/group.

With this option you do not have to give the credentials of the cloud application to the user to use it. So you can give the whole marketing team access to their Twitter account without given out the credentials. Another nice thing about this is that when a new user joins the marketing team you only have to add this user to the group and he/she has access. Or when the user leaves the company you remove the user from the group and they cannot use that application anymore.