The 3rd-party IdP (not a Microsoft product) already exists and manages hundreds or thousands of users in multiple domains. That IdP must remain authoritative for those users. I don't want Azure AD (AAD) to get cluttered up by getting a copy of all the info for all of those users. I don't want there to be any chance that AAD has a copy and then somehow AAD's view of some user gets out-of-sync with the 3rd-party IdP's view. I just want AAD to ask (federate) the IdP for the info and authentication whenever an app needs to authenticate or authorize a user (that AAD doesn't know about -- AAD will know about some users for some apps). The app will not know about the 3rd-party IdP. Can it be done?
Can Azure AD federate to a 3rd-party IdP without a persistent sync to that IdP?
53 Views Asked by knokej At
There is 1 best solution below
Yes, this is simply called Direct Federation: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/direct-federation