AAD Application Proxy In The Azure Portal

Following on from last post, I’ll continue with the app story, but this time via the Azure Active Directory Application Proxy. The app proxy allows you to publish on-prem web apps, while leveraging the identity security benefits that Azure Active Directory provides. For OEM partners that are looking at ways to integrate traditional in house web apps with new cloud capabilities, the AAD App Proxy makes this process very easy.


Figure 1: The initial steps for setting up the AAD App Proxy include choosing Enterprise Applications within Azure Active Directory, and then clicking Application Proxy

Figure 2: Next we need to choose Download Connector

Figure 3: From the server where we want to run the connector we run setup.

Figure 4: The only configuration we need to perform on the server is signing in to our Azure AD Global Admin account.

Figure 5: Switching back to the Azure Portal, choose Add an application, and then populate the Add your own on-premises application

Figure 6: Once the new app has been added, we can make some customisations, including enabling the app and choosing a logo, amongst others.

Figure 7: Next we should add a test user or group, and we do this via Add Assignment, Users and Groups, and Invite.

Figure 8: Signing in to myapps.microsoft.com we can see that internalapp is now published to Admin

Figure 9: Clicking on internalapp opens up a new tab, where you can see the msappproxy.net URL and the successfully loaded web page from the internal server we published

Comments (4)
  1. tony says:

    this proxy process works very nice if the apps behave, but so far 90% of our apps are just internal apps that they’d like to make accessible without vpn and in being internal they have a different dns name than is available from the outside as in *.pvt. Sometimes this is not a problem but so for more often then not its has been since the apps usually are exposing clientside javascript and the proxy can’t clean up this mismatch of names. Or hopefully I’m missing something, please tell me I’m wrong and there is a way to fix this.

    1. tony says:

      Also I’d like to say that the proxy app is actually very cool, I don’t want to sound like I’m negative about the proxy app I’m not just the opposite.

      1. tony says:

        sorry for the late reply, will check out what you linked.

Comments are closed.

Skip to main content