Azure AD Application Proxy HTTP to HTTPS redirection


We are happy to announce that one of our most commonly requested feature is now live and enabled for all tenants: the ability to have automatic redirection from HTTP to HTTPS. This feature is turned on by default for all organizations that are using App Proxy, no action is needed to make it work.

Redirection of HTTP URLs is needed for the following reasons:

  1. Some applications use HTTP internally and HTTPS externally and they have embedded links that have HTTP. For example, if a SharePoint site uses HTTP internally, then users will receive email with HTTP links. If the user clicks on the links, access will fail.

  2. Sometime, users manually type the application domain in the browser address bar. In this case, the browser sends the request using HTTP and not HTTPS.

 

The logic works as follows:

  1. A device sends an HTTP request to a domain name that is published on App Proxy using HTTPS. E.g. http://sales.contoso.com. In the past, App Proxy rejected these requests.

  2. Now, App Proxy replies to this request with a 307 redirection response to the same domain with HTTPS.

  3. The device sends another request to this address,e.g. https://sales.contoso.com/

  4. At this point App Proxy handles the request and performs authorization and authentication logic together with other Azure AD services. Once the request is authenticated and authorized, it is sent to the backend application.


Comments (0)

Skip to main content