Account Federation Preparation

Topic Last Modified: 2013-04-03

Many organizations require identities to be authenticated only by their on-premises system. This is easily accomplished with single single sign-on (SSO) for Windows Azure Active Directory.

For end users, the experience expands on Active Directory synchronization by allowing them to sign in to their on-premises account and have that same account provide the means to authenticate to the online services.

To set up SSO, organizations need to deploy a security token service on-premises. For more information about security token services that work with Windows Azure AD, see Single sign-on roadmap. After SSO has been set up, users can use their Active Directory corporate credentials (user name and password) to access the services in the cloud and their existing on-premises resources.

All the tasks required to configure federation are outlined in the Windows Azure Active Directory TechNet Library. For information about SSO, see Configure single sign-on.