Azure Active Directory (Azure AD) is Microsoft's multi-tenant cloud-based directory
and identity management service. Azure Active Directory authentication uses the
Microsoft Azure Active Directory as an identity provider (IdP) to implement
SAML-based single sign-on (SSO) for user authentication and to automate user
synchronization between your Azure AD and TMWS.
This section describes how to configure Azure AD as a SAML (2.0) identity provider
to work with TMWS.
When there are multiple domains, they all use the same authentication method, that is,
Direct, AD FS, Agent, Okta, Azure AD, or Google. Each domain shares the same
settings under the Azure AD authentication method.
Note: In this authentication method, hosted users are not able to access websites
through TMWS. If you need to manage hosted user accounts, add them in your Azure AD
first.
Before you begin configuring Azure AD, make sure that:
- You have a valid subscription with any of the following licenses:
  - Azure AD Free
  - Office 365 apps
  - Premium P1
  - Premium P2
- You are logged on to the management console as a TMWS administrator.
- You have a Global Admin or Co-admin account in Azure.
Procedure
- Add TMWS as a new enterprise application in Azure AD.
- Configure TMWS SSO and synchronization settings in Azure AD.
- Configure Azure AD settings on TMWS.
- Add domains and synchronize users and groups from Azure AD.
- Test single sign-on to TMWS.