Azure Active Directory SaaS App Integration In The Azure Portal

  • Article

With dates now announced for the public availability of Windows 10 Creators Update, and some of the new enterprise mobility capabilities that it containers, the next few posts in this blog will focus on getting familiar with some AAD tasks you may have been using in the classic Azure Management portal (aka manage.windowsazure.com) but instead showing how they can be done in the Ibiza portal (aka portal.azure.com). Today I'll focus on SaaS apps in the new portal.

Figure 1: A customised view of the Azure Portal with a focus on the components of the Enterprise Mobility + Security suite from Microsoft.

Figure 2: After selecting the Directory tile, we can see the options that are available, including Enterprise applications.

Figure 3: Enterprise Applications allows us to Add a new app from the details blade, or alternatively we view the available apps from All applications

Figure 4: After selecting Add we are shown the Categories and Add an application blades, which shows the library of existing SaaS apps that have already been integrated, or we can choose to integrate custom line of business apps, set up the AAD Application Proxy, or add another app that isn’t in the gallery.

Figure 5: From the gallery I have chosen to integrate Twitter

Figure 6: To easily identify this app amongst multiple Twitter accounts used in the organisation, I’ve named this one after the account it will be sharing

Figure 7: Intunedin Twitter now appears in All applications

Figure 8: As this has just been created, there are no users or groups assigned, and no activity

Figure 9: You can now Add groups or users to the application

Figure 10: I have selected an existing AAD Security Group – Intunedin tweeters, andcan now Assign the app to that group.

Figure 11: We can now see intunedin tweeters in Users and groups, and can Add others users and groups if needed.

Figure 12: For Single sign-on for Twitter we choose Password-based Sign-on and then Save

Figure 13: With Single sign-on enabled, Update Credentials is now available from Users and groups

Figure 14: After selecting Update Credentials the User Name and Password can be entered for the shared account

Figure 15: After adding the Cloud user to the intunedin tweeters group, the Intunedin Twitter app appears in MyApps

Figure 16: Clicking Intunedin Twitter opens Twitter in another tab and signs in via password vaulting