Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (2023)

  • Article

In this tutorial, you will learn how to integrate Jamf Pro with Azure Active Directory (Azure AD). When you integrate Jamf Pro with Azure AD, you can:

  • Use Azure AD to control who has access to Jamf Pro.
  • Automatically sign in your users to Jamf Pro with their Azure AD accounts.
  • Manage your accounts in one central location: the Azure portal.


To get started, you need the following items:

  • An Azure AD subscription. If you don't have a subscription, you can get onefree account.
  • A Jamf Pro subscription that is activated with single sign-on (SSO).

Script description

In this tutorial, you configure and test Azure AD SSO in a test environment.

  • Jamf Pro supportsSP startedandStarted IdPSSO.

Add Jamf Pro from gallery

To configure Jamf Pro integration with Azure AD, you need to add Jamf Pro from the collection to the list of managed SaaS applications.

  1. Sign in to the Azure portal using either a work or school account or your personal Microsoft account.
  2. In the left pane, select itAzure Active Directoryservice.
  3. I'm going to youCorporate Applicationsand then selectAll Applications.
  4. To add a new application, selectNew application.
  5. In theAdd from collectionsection, enterJamf Proin the search box.
  6. ChooseJamf Profrom the results panel and then add the application. Wait a few seconds for the app to be added to your tenant.

Alternatively, you can also use theEnterprise App Configuration Wizard. In this guide, you can add an application to your tenant, add users/groups to the application, assign roles, as well as walk through the SSO configuration.Learn more about Microsoft 365 guides.

Configure and test SSO to Azure AD for Jamf Pro

Configure and test Azure AD SSO with Jamf Pro using a test user named B.Simon. For SSO to work, you must create a login relationship between an Azure AD user and the associated user in Jamf Pro.

In this section, you configure and test Azure AD SSO with Jamf Pro.

  1. Configure SSO in Azure ADso your users can use this feature.
    1. Create a test Azure AD userto test Azure AD SSO with the B.Simon account.
    2. Assign the Azure AD test userso that B.Simon can use SSO to Azure AD.
  2. Configure SSO in Jamf Proto configure application-side SSO settings.
    1. Create a Jamf Pro trial userhave a counterpart of B.Simon in Jamf Pro linked to the user's Azure AD representation.
  3. Test the SSO configurationto verify that the configuration works.

Configure SSO in Azure AD

In this section, you enable Azure AD SSO in the Azure portal.

  1. In the Azure portal, atJamf Proapp integration page, find itThey managesection and selectSingle Sign-On.

  2. In theSelect a single login methodpage, selectSAML.

  3. In theSet up Single Sign-On with SAMLpage, select the pencil icon forBasic SAML configurationto edit the settings.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (1)

  4. In theBasic SAML configurationsection if you want to configure the application toStarted IdPmode, enter the values ​​for the following fields:

    (Video) Azure Active Directory Single Sign-On Configuration Demo

    one. In theIdentifiertext box, enter a URL that uses the following formula:https://.jamfcloud.com/saml/metadata

    si. In theResponse URLtext box, enter a URL that uses the following formula:https://.jamfcloud.com/saml/SSO

  5. ChooseSet additional URLs. If you want to configure the application toSP startedoperation, atLogin URLtext box, enter a URL that uses the following formula:https://.jamfcloud.com


    These values ​​are not real. Update these values ​​with the actual ID, response URL, and connection URL. You will get the actual id value fromSingle Sign-Onsection in the Jamf Pro portal, which is explained later in the tutorial. You can extract the actual subdomain value from the identifier value and use that subdomain information as the connection URL and response URL. You can also refer to the types shown in theBasic SAML configurationsection in the Azure portal.

  6. In theSet up Single Sign-On with SAMLpage, go toSAML signing certificatesection, select itcopybutton to copyApplication federation metadata URLand then save it to your computer.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (2)

Create a test Azure AD user

In this section, you create a test user in the Azure portal named B.Simon.

  1. In the left pane in the Azure portal, selectAzure Active Directory, selectUsersand then selectAll users.
  2. ChooseNew userat the top of the screen.
  3. In theUserproperties, follow these steps:
    1. In theNamefield, enterB.Simon.
    2. In theUsernamefield, type [name]@[company domain].[extension]. For example,B.Simon@contoso.com.
    3. Choose itShow the codecheck box, and then note the value that appears in thePasswordbox.
    4. ChooseCreate.

Assign the Azure AD test user

In this section, you grant B.Simon access to Jamf Pro.

  1. In the Azure portal, selectCorporate Applicationsand then selectAll applications.
  2. In the application list, selectJamf Pro.
  3. On the app's overview page, find itThey managesection and selectUsers and groups.
  4. ChooseAdd user, then selectUsers and groupsin theAdd Jobdialog box.
  5. In theUsers and groupsdialog box, selectB.Simonfrom the Users list, and then select itChoosebutton at the bottom of the screen.
  6. If you expect users to be assigned a role, you can select it from theSelect a roledrop down list. If no role is configured for this application, the "Default Access" role appears selected.
  7. In theAdd Jobdialog box, select itAssignbutton.

Configure SSO in Jamf Pro

  1. To automate configuration in Jamf Pro, install itMy apps Browser extension Secure loginchoosingInstall the extension.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (3)

  2. After adding the extension to the browser, selectSet up Jamf Pro. When the Jamf Pro app opens, provide your administrator credentials to log in. The browser extension will automatically configure the application and automate steps 3 to 7.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (4)

  3. To set up Jamf Pro manually, open a new browser window and log in to the Jamf Pro company website as an administrator. Then follow the steps below.

    (Video) Single Sign On (SSO) - How it Works!

  4. Choose itSettings iconfrom the top right corner of the page.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (5)

  5. ChooseSingle Sign-On.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (6)

  6. In theSingle Sign-Onpage, follow the steps below.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (7)

    one. ChooseProcessing.

    si. Choose itEnable single sign-on authenticationcontrol box.

    do. ChooseBlueas a choice ofIdentity Providerdrop down menu.

    Hey. Copy itENTITY IDvalue and paste it inID (Entity ID)field atBasic SAML configurationsection in the Azure portal.


    Use the value infield to fill in the login URL and the reply-to URLBasic SAML configurationsection in the Azure portal.

    m. ChooseMetadata URLfromSource of identity provider metadatadrop down menu. In the field that appears, paste itApplication federation metadata urlvalue that you copied from the Azure portal.

    eat (Optional) Edit the token expiration value or select "Disable SAML token expiration".

    (Video) Single Sign On | What it is How it works Why you need it

  7. On the same page, scroll down toUser mappingUnity. Then follow the steps below.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (8)

    one. Choose itName IDoption forIdentity provider user mapping. By default, this option is set toName ID, but you can set a custom attribute.

    si. Choosee-mailForJamf Pro User Mapping. Jamf Pro maps the SAML attributes sent by the IdP first to users and then to groups. When a user tries to access Jamf Pro, Jamf Pro obtains information about the user from the identity provider and matches it with all Jamf Pro user accounts. If the incoming user account is not found, then Jamf Pro attempts to match it with the group name.

    do. Paste the pricehttp://schemas.microsoft.com/ws/2008/06/identity/claims/groupsin theIDENTITY PROVIDER ATTRIBUTE GROUP NAMEfield.

    Hey. On the same page, scroll down toSecuritysection and selectAllow users to bypass Single Sign-On authentication. As a result, users will not be redirected to the Identity Provider login page for authentication and can login directly to Jamf Pro. When a user tries to access Jamf Pro through the Identity Provider, IdP-initiated SSO authentication and authorization occurs.

    m. ChooseSave.

Create a Jamf Pro trial user

In order for Azure AD users to sign in to Jamf Pro, they must sign in to Jamf Pro. Provisioning in Jamf Pro is a manual task.

To create a user account, follow these steps:

  1. Log in to the Jamf Pro company website as an administrator.

  2. Choose itSettingsicon in the upper right corner of the page.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (9)

  3. ChooseJamf Pro user accounts and groups.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (10)

  4. ChooseYoung.

    (Video) Azure AD Joined SSO Access to AD Joined Resources!

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (11)

  5. ChooseCreate a standard account.

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (12)

  6. In theNew accountdialog box, perform the following steps:

    Tutorial: Integrating Azure Active Directory Single Sign-On (SSO) with Jamf Pro - Microsoft Entra (13)

    one. In theUSERNAMEfield, enterBritta Simon, the test user's full name.

    si. Select the options forACCESS LEVEL,PRIVILEGE SET, andACCESS STATUSwhich is according to your organization.

    do. In theFULL NAMEfield, enterBritta Simon.

    Hey. In theEMAIL ADRESSfield, enter the email address of Britta Simon's account.

    m. In thePASSWORDfield, enter the user's password.

    eat In theVERIFY PASSWORDretype the user's password.

    G. ChooseSave.

Test the SSO configuration

In this section, you test the Azure AD single sign-on configuration with the following options.

SP started:

  • Click onTry this appin the Azure portal. This will redirect to the Jamf Pro Sign on URL where you can start the login flow.

  • Go directly to the Jamf Pro Sign-on URL and start the login flow from there.

    (Video) SSO for Azure AD on Apple Platforms

Started IDP:

  • Click onTry this appin the Azure portal and you should automatically sign in to the Jamf Pro you configured SSO for

You can also use Microsoft My Apps to test the app in any mode. When you click on the Jamf Pro tile under My Apps, if it is set to SP mode, you will be redirected to the app icon on the page to start the login flow, and if it is set to IDP mode, you should automatically login to Jamf Pro for which you have create the SSO. For more information about My Apps, seeIntroduction to My Apps.

Next steps

After configuring Jamf Pro, you can enforce Session Control, which protects your organization's sensitive data from exploration and intrusion in real time. Session control extends from conditional access.Learn how to enforce session control with Microsoft Defender for Cloud Apps.


How do I connect Jamf to Azure AD? ›

An app registration for Jamf Connect in Azure AD.
  1. Click the Azure Active Directory in the left sidebar.
  2. Click App registrations, and then select your Jamf Connect app registration.
  3. Click Manifest.
  4. In the manifest, find "appRoles": [] , and then add your role entries to the manifest. ...
  5. Click Save.

How to implement SSO with Azure AD? ›

To configure SSO in Azure AD:
  1. In the Azure portal, select Edit in the Basic SAML Configuration section on the Set up single sign-on pane.
  2. Select Save.
  3. In the SAML Certificates section, select Download for Certificate (Raw) to download the SAML signing certificate and save it to be used later.
Mar 9, 2023

Does Jamf work with Azure AD? ›

Jamf Connect provides support for Microsoft Azure AD. Integrating Microsoft Azure AD with Jamf Connect involves the following steps: Register Jamf Connect Login with Microsoft Azure. Assign users and designate user roles.

How to implement SSO with Active Directory? ›

Single sign-on (SSO) solutions allow users to login to multiple applications with just one set of credentials, eliminating the hassle and risk of managing different combinations of usernames and passwords. To enable single sign-on with Active Directory, you'll need to use ADFS or a third-party tool.

Does Jamf Connect work with Active Directory? ›

Jamf Connect uses standards-based technologies to connect to Active Directory or single sign-on (SSO).

How to connect jamf to ldap? ›

Manually Adding an LDAP Server
  1. Log in to Jamf Pro.
  2. In the top-right corner of the page, click Settings .
  3. Click System Settings.
  4. Click LDAP Servers .
  5. Click New .
  6. Select Configure Manually and click Next.
  7. Use the Connection pane to configure how Jamf Pro connects to the LDAP server.

How does SSO work with Azure Active Directory? ›

Azure Active Directory Seamless single sign-on (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don't need to type in their passwords to sign in to Azure AD, and usually, even type in their usernames.

Can Azure AD be used for SSO? ›

With Azure AD, users can conveniently access all their apps with SSO from any location, on any device, from a centralized and branded portal for a simplified user experience and better productivity.

Can Active Directory be used for SSO? ›

Microsoft Active Directory Federation Services is a platform that can handle single sign-on for many applications outside of the firewall. This platform is flexible for your needs, and it can be a strong solution.

Does Microsoft use Jamf? ›

Microsoft Intune supports integrating your Jamf Pro deployment to bring device compliance and Conditional Access policies to your macOS devices.

How do I add MDM to Azure AD? ›

Go to Azure Portal and login, if need be or navigate to Azure Active Directory -> Mobility (MDM and MAM) -> Add Application. Select On-Premises MDM (in case of MDM On-Premises) or ManageEngine MDM (in case of MDM Cloud) and then click on Add.

What is the difference between Intune and AAD? ›

AADDS and Intune are completely unrelated. AADDS, like on-prem AD, is a directory service like provides identity and authentication services. GPOs exist as well but I'd never call GPOs true management or administration of devices. Intune is a management system to configure and control the state of a device.

What is the difference between SSO and AD integration? ›

AD and SSO are very different; one is an on-prem directory service — the authoritative source of identities, the other a cloud-based, web app identity extension point solution that federates the identities from a core directory to web applications.

What SSO protocols are supported by Azure AD? ›

Azure AD supports many standardized protocols for authentication and authorization, such as SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Federation. Azure AD also supports password vaulting and automated sign-in capabilities for apps that only support forms-based authentication.

What is the difference between SSO and Active Directory? ›

With SSO, a user logs in once, and gains access to all systems without being prompted to log in again at each of them. Active Directory (AD) is a directory service that provides a central location for network administration and security.

How to connect Active Directory with Azure Active Directory? ›

Connect your organization to Azure AD
  1. Select. ...
  2. Select Azure Active Directory, and then select Connect directory.
  3. Select a directory from the dropdown menu, and then select Connect. ...
  4. Select Sign out. ...
  5. Confirm that the process is complete.
Oct 4, 2022

Which are the recommended operating systems for Jamf Pro? ›

Web Browsers
Minimum SupportedChromeChrome
1 more row

What is the difference between Jamf Pro and Jamf now? ›

Overview. Jamf Now is a simple-to-use, cloud-based MDM solution to manage Apple devices at work. Jamf Now makes complex tasks simple... Jamf Pro is a comprehensive mobile device management tool for IT pros to manage, deploy and secure their Macs, iPads, iPhones and Apple TVs.

What port does Jamf Pro use for LDAP? ›

This port is specified in the LDAP server's configuration in Jamf Pro. The most common configurations are port 389 for LDAP and port 636 for LDAPS.

How to connect SSO to LDAP? ›

Enabling LDAP for Harness SSO​
  1. Log into Harness, mouseover Continuous Security, and then click Access Management.
  2. From the resulting Access Management page, click Authentication Settings.
  3. From the Authentication Settings page, click Add SSO Providers, then click LDAP.

How to sync Active Directory with LDAP? ›

Navigate to Administration Services | Applications menu item. Click on the Authentication Profiles button. Select the Default Authentication Profile. Select the LDAP Directory Connector (Active Directory and Domino) option in the Domain Authentication Mechanisms drop-down.

What is the difference between Azure AD and Azure SSO? ›

Azure AD is designed to manage access to cloud-based applications and servers using modern authentication protocols such as SAML 2.0, OpenID Connect, OAuth 2.0, and WS-Federation. Azure AD Single Sign-On (SSO) is an Azure AD feature that allows users to conveniently log into SaaS applications.

Does Azure AD SSO use SAML? ›

Azure AD: Enterprise cloud IdP that provides SSO and Multi-factor authentication for SAML apps. It synchronizes, maintains, and manages identity information for users while providing authentication services to relying applications.

What is the difference between SSO and federated SSO? ›

The key difference between SSO and FIM is while SSO is designed to authenticate a single credential across various systems within one organization, federated identity management systems offer single access to a number of applications across various enterprises.

What are the different types of SSO in Azure? ›

Single sign-on options

Choosing an SSO method depends on how the application is configured for authentication. Cloud applications can use federation-based options, such as OpenID Connect, OAuth, and SAML. The application can also use password-based SSO, linked-based SSO, or SSO can be disabled.

Do you need Azure AD premium for SSO? ›

Azure AD licensing - SSO for pre-integrated enterprise applications is free. However, the number of objects in your directory and the features you wish to deploy may require more licenses.

Does Microsoft have an SSO solution? ›

Single sign-on with Azure AD

Enabling SSO with Azure Active Directory (Azure AD) means users can sign-in once to access their Microsoft apps and other cloud, SaaS, and on-premises apps with the same credential.

Which file is required to configure SSO on Active Directory? ›

Because the SSO Client installer for Windows is an MSI file, you can use an Active Directory Group Policy to automatically install it when users log on to your domain from a Windows computer.

What is the difference between Active Directory SSO and LDAP? ›

What is the difference between SSO and LDAP? SSO is a convenient authentication method that allows users to access multiple applications and systems using just one login. LDAP is the protocol or communication process that will enable users to access a network resource through a directory service.

What is the difference between ADFS and Azure AD SSO? ›

Both Microsoft tools share SSO-like properties, and they each need to work in tandem with on-prem Active Directory (although Azure AD could possibly be used without). The key difference is that AAD is an identity and access management (IAM) solution while AD FS is a security token service (STS).

What is the difference between Jamf and Intune? ›

Comparison Results: Based on the parameters we compared, Jamf Pro received higher product ratings. Its ease of deployment, its solid set of features, and its service and support all top Microsoft Intune's offerings.

Can Jamf Pro be used from Windows? ›

The Jamf Pro Installer for Windows installs Apache Tomcat and the Jamf Pro web app. To run the Jamf Pro Installer for Windows, copy it to the server. Then open the installer and follow the onscreen instructions. Note: The installer must be run as an administrator.

Why use Jamf Pro? ›

Managing iOS devices

Under Devices, Jamf Pro provides a range of tools that help with device configuration, provisioning, user grouping and staging. Administrators can configure policy and device restrictions related to Wi-Fi, passcode and encryption under Configuration Profiles (Figure 2).

What is MDM in Azure Active Directory? ›

A cloud-based MDM is a SaaS application that provides device management capabilities in the cloud. It's a multi-tenant application. This application is registered with Azure AD in the home tenant of the MDM vendor.

What is the difference between MAM and MDM in Azure AD? ›

The difference between MDM, MAM, EMM, and UEM

MDM is a way of securing mobile devices such as smartphones and tablets, whereas MAM secures the applications on those devices that are used to access organizational data, such as Outlook, SharePoint, and OneDrive.

How do I bulk join devices to Azure AD? ›

To bulk enroll devices for your Azure AD tenant, you create a provisioning package with the Windows Configuration Designer (WCD) app. Applying the provisioning package to corporate-owned devices joins the devices to your Azure AD tenant and enrolls them for Intune management.

What is the difference between Azure AD and Active Directory? ›

Azure AD provides managed identities to run other workloads in the cloud. The lifecycle of these identities is managed by Azure AD and is tied to the resource provider and it can't be used for other purposes to gain backdoor access. Active Directory doesn't natively support mobile devices without third-party solutions.

What is the difference between aad tenant and directory? ›

According to the documentation, a tenant is a container within Azure associated with a company or group of people, and a directory is a container; all directories are mutually exclusive, i.e. what you do in one directory does not affect any other.

What is the difference between AAD managed identity and service principal? ›

Managed Identity is suitable for scenarios where a single resource needs to access another Azure resource, while Service Principal is suitable for more complex scenarios where multiple resources need to access multiple Azure resources.

What is required for SSO integration? ›

For SSO implementation to happen, you will need to get these different user directories on the same page. This can be done through various third-party vendors that have developed a single point of integration to use across all of your different platforms.

What is the difference between API and SSO? ›

SSO vs API summary

SSO streamlines your user experience when accessing other applications. It's a set of Single Sign-On credentials associated with each user. API is all about data automation. It keeps your data in sync and automates pulling data out of a system to generate reports.

How does SSO integration work? ›

SSO works based upon a trust relationship set up between an application, known as the service provider, and an identity provider, like OneLogin. This trust relationship is often based upon a certificate that is exchanged between the identity provider and the service provider.

What protocol is most used for standard SSO cloud application integrations? ›

SAML. Security Assertion Markup Language, or SAML, is an open-standard identity management protocol commonly used for single sign-on (SSO), which allows users to share the same credentials across different services and applications.

Does Azure SSO require MFA? ›

Yes. Azure AD Multi-Factor Authentication is required at sign-in.

Which protocols are not supported by Azure AD? ›

Azure AD uses protocols such as SAML and OAuth. 2.0. It does not support NTLM, Kerberos or LDAP (Lightweight Directory Access Protocol).

What is the difference between authentication and SSO? ›

Authentication: process of an entity (the Principal) proving its identity to another entity (the System). Single Sign On (SSO): characteristic of an authentication mechanism that relates to the user's identity being used to provide access across multiple Service Providers.

What are the two types of Active Directory domain Services user accounts? ›

Active Directory has two forms of common security principals: user accounts and computer accounts. These accounts represent a physical entity that is either a person or a computer. A user account also can be used as a dedicated service account for some applications.

How do I add a Mac device to Azure AD? ›

The Active Directory connector allows the Mac to access basic account information on a Windows server running Windows 2000 or later. It is not possible to join a Mac device to Azure AD. But it is possible is to enroll your devices using Intune, which might be the best option for your scenario.

How do I connect Apple School Manager to Azure AD? ›

Configure Apple School Manager to support provisioning with Azure AD. In Apple School Manager, sign in with an account that has the role of Administrator, Site Manager, or People Manager. Click Settings at the bottom of the sidebar click Data Source below Organization Settings, then click Connect to Data Source.

How do I connect to Azure AD device? ›

Open Settings, and then select Accounts. Select Access work or school, and then select Connect. On the Set up a work or school account screen, select Join this device to Azure Active Directory.

Can a single Microsoft account be used to manage multiple Azure subscriptions? ›

Users are those accounts that sign in to Azure to create, manage, and use resources. A user may have access to multiple subscriptions, but a user is only associated with a single tenant. Subscriptions are the agreements with Microsoft to use cloud services, including Azure.

Can I use Azure Active Directory for Mac? ›

The short answer is yes — you can bind Mac to Azure.

What devices can be joined to Azure AD? ›

You can configure Azure AD join for all Windows 11 and Windows 10 devices except for Home editions. The goal of Azure AD joined devices is to simplify: Windows deployments of work-owned devices. Access to organizational apps and resources from any Windows device.

Do you need a license to join a device to Azure AD? ›

User is in MDM scope: If you have an Azure AD Premium subscription, MDM enrollment is automated along with Azure AD join. All scoped users must have an appropriate license for your MDM.

How do I connect to Azure AD with service principal? ›

To enable this, we need to perform several steps.
  1. Sign in to Azure AD PowerShell with an admin account. ...
  2. Create a self signed certificate. ...
  3. Load the certificate. ...
  4. Create the Azure Active Directory Application. ...
  5. Create the Service Principal and connect it to the Application.
May 30, 2022

Can iOS devices be registered in Azure Active Directory? ›

In this article
Azure AD RegisteredDescription
Operating SystemsWindows 10 or newer, iOS, Android, macOS, Ubuntu 20.04/22.04 LTS
ProvisioningWindows 10 or newer – Settings
iOS/Android – Company Portal or Microsoft Authenticator app
macOS – Company Portal
17 more rows
Dec 27, 2022

How do I get app roles in Azure AD? ›

Assign app roles to applications
  1. Sign in to the Azure portal.
  2. In Azure Active Directory, select App registrations in the left-hand navigation menu.
  3. Select All applications to view a list of all your applications. ...
  4. Select the application to which you want to assign an app role.
  5. Select API permissions > Add a permission.
Jan 27, 2023

How to configure Azure Active Directory? ›

Configure client apps to access your App Service
  1. From the portal menu, select Azure Active Directory.
  2. From the left navigation, select App registrations > New registration.
  3. In the Register an application page, enter a Name for your app registration.
  4. Select Register.
Mar 27, 2023

How do I sync my device collection to Azure AD? ›

Enable collection synchronization for the Azure service

Select the cloud management service for the Azure AD tenant where you created the group. Then in the ribbon, select Properties. Switch to the Collection Synchronization tab, and select the option to Enable Azure Directory Group Sync. Select OK to save the setting.

Where to install Azure AD Connect? ›

Install Azure AD Connect

You can find the download for Azure AD Connect on Microsoft Download Center. Steps to complete before you start to install Azure AD Connect. If you have a single forest AD then this is the recommended option to use. User sign in with the same password using password synchronization.


1. SAML & Azure AD | Demo with Drop Box | Azure AD Gallery Application | Setup SAML authentication
2. Azure AD SAML Single Sign-On (SSO) | Login into WordPress using Azure | Azure AD WordPress SSO
3. Azure AD SSO Setup
(ThingWorx, a PTC Technology)
4. Supercharge Your User's Microsoft 365 Experience With Enterprise Single Sign On (SSO)
5. How To Setup LDAP to Azure Active Directory
6. Azure Active Directory (AD, AAD) Tutorial | Identity and Access Management Service
(Adam Marczak - Azure for Everyone)
Top Articles
Latest Posts
Article information

Author: Tuan Roob DDS

Last Updated: 07/06/2023

Views: 5753

Rating: 4.1 / 5 (62 voted)

Reviews: 85% of readers found this page helpful

Author information

Name: Tuan Roob DDS

Birthday: 1999-11-20

Address: Suite 592 642 Pfannerstill Island, South Keila, LA 74970-3076

Phone: +9617721773649

Job: Marketing Producer

Hobby: Skydiving, Flag Football, Knitting, Running, Lego building, Hunting, Juggling

Introduction: My name is Tuan Roob DDS, I am a friendly, good, energetic, faithful, fantastic, gentle, enchanting person who loves writing and wants to share my knowledge and understanding with you.