Azure AD: How to integrate Customer's SSO into my Tenant/Application?

Chiranjib 6 Reputation points
2021-03-31T02:20:48.67+00:00

I am not particularly sure of the correct question to ask, so I apologize in advance if the question appears slightly vague.
I am looking to learn concepts and then implement the solution.

I have an Azure AD tenant, and an application within it (it was created with the App registrations experience). We have set up login, callback, etc. previously and it works.

Now we've been approached by a customer to enable login for their users into our application, using their organization's Azure AD SSO. I have browsed all the concepts and I think I have to enable Azure AD B2B, I might be wrong here.

I am not aware of the conversations that took place with the customer before it reached me, but they have shared an XML and certificate over email that reached me, asking me to integrate into our application.

This is where I am puzzled, as I am not sure about what needs to be done. Kindly help me go in the right direction.


1 answer

  1. Mario Worwell 11 Reputation points
    2021-04-02T15:00:56.137+00:00

    Azure AD B2B would be the way to go.
    From there, I would store the certificate in Key Vault and have the application only access it from there.
    I think that solves your issues, but let me know.