Integrate your commercial marketplace listing with Azure Active Directory
This article explains requirements for integrating a commercial marketplace listing or offer with Azure Active Directory (Azure AD). Azure AD is a cloud identity service that uses industry-standard frameworks to enable authentication with a Microsoft account. Learn more about Azure Active Directory.
Azure AD benefits
Microsoft AppSource and Azure Marketplace customers use in-product experiences to search storefront listing catalogs. These actions require customers to sign in to the product. Azure AD integration provides the following benefits:
- Faster engagement and an optimized customer experience
- Single sign-on (SSO) for millions of enterprise users
- Consistent, sign-in experience across applications published by different partners
- Scalable, cross-platform authentication for mobile and cloud apps
Offers that require Azure AD
The various commercial marketplace listing options and offer types have different requirements for Azure AD implementation. See the following table for details.
|Offer type||Azure AD SSO required for Contact Me?||Azure AD SSO required for Trial?||Azure AD SSO required for Test Drive?||Azure AD SSO required for Transact|
|Azure Apps (solution template)||N/A||N/A||N/A||N/A|
For more information about SaaS technical requirements, see Azure AD and transactable SaaS offers in the commercial marketplace.
Azure AD integration
- For details about how to integrate Azure AD for your transactable software as a service (SaaS) offers, see Azure AD and transactable SaaS offers in the commercial marketplace.
- For information on how to enable single sign-on by integrating Azure AD into your listing, see Azure Active Directory for developers.
- To get details about Azure AD single sign-on, see What is application access and single sign-on with Azure Active Directory?.
Enable a trial listing
Automated customer setup can increase the likelihood of conversion. When your customer selects your trial listing and is redirected to your trial environment, you can set up the customer directly without requiring additional sign-in steps.
During authentication, Azure AD sends a token to your app or offer. The user information provided by the token enables the creation of a user account in your app or offer. To learn more, see Sample tokens.
When you use Azure AD to enable one-click authentication in your app or trial listing, you:
- Streamline the customer experience from the Marketplace to your trial listing.
- Maintain the feel of an in-product experience even when the user is redirected from the Marketplace to your domain or trial environment.
- Reduce the likelihood of abandonment when users are redirected because there are no additional sign-in steps.
- Reduce deployment barriers for the large population of Azure AD users.
Verify Azure AD integration
Use Azure AD to support the following actions:
- Register your app in one of the Marketplace storefronts. View App registration or AppSource certification for more information.
- Enable the multitenancy support feature in Azure AD to get a one-click trial experience.
If you're new to using Azure AD federated single sign-on, take these steps:
- Register your app in the Marketplace.
- Develop SSO with Azure AD by using OAuth 2.0 or OpenID Connect.
- Enable the multitenancy support feature in Azure AD to provide a one-click trial experience.
Use Azure AD to support one of the following actions:
- Add guest users to your directory by using Azure AD B2B.
- Manually set up trials for customers by using the Contact Me publishing option.
- Develop a per-customer test drive.
- Build a multi-tenant sample demo app that uses SSO.
If you haven't already done so,
- Learn about the marketplace.
To register in Partner Center, start creating a new offer or working on an existing one:
- Sign in to Partner Center to create or complete your offer.