question

FrankC-9742 avatar image
0 Votes"
FrankC-9742 asked vipulsparsh-MSFT answered

Partner SSO with different user membership

We want to allow our customers to sign in via SSO (they use Azure AD). After login to our site, we would like to be able to redirect our users to a 3rd-party partner to login under the same credentials that the user used for our site. Let's say that our customer is FooCompany and all their users login with username@foo.com

However, because of how our partner operates, all users for FooCompany (e.g. user1@foo.com, user2@foo.com, etc.) must use the same user on our partner's site. What is the best way of setting this up using SSO standards?

azure-ad-saml-sso
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

vipulsparsh-MSFT avatar image
0 Votes"
vipulsparsh-MSFT answered

@FrankC-9742 Thanks for reaching out and apologies for delay on this. Choosing a SSO method depends on lot of other things as well.
Cloud applications can use OpenID Connect, OAuth, SAML, password-based, linked, or disabled methods for single sign-on.
On-premises applications can use password-based, Integrated Windows Authentication, header-based, linked, or disabled methods for single sign-on. The on-premises choices work when applications are configured for Application Proxy.

I want to share a flowchart which can shed some more light on your scenario,

96338-image.png


Let us know if this helps or if you have any questions.



If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.




image.png (112.3 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.