AAD Applications provide IDaaS for Microsoft 365.

Third-party applications created by vendors may be already present in the App gallery and can be added via an Enterprise App, no App registration necessary. Internal applications will require an App registration followed by creation of an Enterprise App.

The Microsoft Identity platform implements support for many commonly used federation protocols, including:

  • OAuth 2.0
  • OpenID Connect 1.0
  • SAML 2.0

Some applications support automated user provisioning and access via SCIM 2.0.

Apps on private networks

Whilst the world seems to be transitioning to SaaS for a lot of our software needs, many organisations run on-premises (or even VPC) web applications (e.g. RD Gateway) which may need to be made available externally. AAD Application Proxy allows you to expose individual applications to authenticated users over the Internet via a Connector deployed in the private network.