News

Window Azure Active Directory Gets 'Preintegrated' Single Sign-On Support

• By Kurt Mackie
• 07/10/2013

Microsoft announced this week that it has improved Windows Azure Active Directory to better support single sign-on (SSO) capabilities for Web-based applications.

The new SSO capability extends to some Microsoft software-as-a-service (SaaS) applications, as well as to SaaS applications built by other vendors, provided that an organization uses Windows Azure Active Directory to manage the access. This "preintegrated" SSO capability, which is an opt-in type of feature, gets accessed through the Windows Azure management portal, although IT pros have to go through a few clicks to set it up.

Currently, about 40-plus SaaS apps are supported, Microsoft indicated in an announcement. The supported apps include Microsoft Office 365 apps, as well as apps from ADP, Dropbox, Google Gmail, IBM, Intuit, Sage and Salesforce.com, among others.

Microsoft describes the new SSO integrations as an "application access" enhancement to Windows Azure Active Directory. The new preintegrated SSO capability is currently available at the "preview" stage for testing purposes. Microsoft plans to add that capability in the "general availability" finished release of Windows Azure Active Directory at no additional cost, when it becomes available. It's not exactly clear when Windows Azure Active Directory will be finalized.

Not all of Microsoft's improvements to Windows Azure Active Directory will be free of charge. For example, Microsoft announced a preview of its Active Authentication service last month that will cost $1 per user per month.

The new preintegrated SSO capability is available to Windows Azure Active Directory users as well as to users of Office 365 services. IT pros use the Windows Azure management portal to assign an app to an end user, and the assigned apps then become available from a Web page that Microsoft describes as "the Access Panel." The preintegrated SSO capability supports "SAML federation and password-based SSO" for SaaS apps, according to Microsoft's announcement. With the SSO capability provisioned, the management portal will show a history of SaaS app log-in attempts to better assure security.

Some of the preconfigured SaaS apps in the preview can be provisioned or deprovisioned by the end user. Currently, those apps with that capability include "Box.com, Salesforce.com and Gmail," according to Microsoft's announcement.

In other Windows Azure news this week, Microsoft announced that it is now possible to use an "autoscale" capability with Windows Mobile Services Standard and Premium offerings. That added perk is principally of interest to developers that want to push out capacity for their mobile applications housed on Window Azure.

Microsoft also explained a bit more about its Premium offering for Windows Azure SQL Database, which was announced this week at the Microsoft Worldwide Partner Conference in Houston. The Premium offering is designed for service integrators and independent software vendors that want a reserved database capacity to support their cloud-based applications. A preview of this Premium offering will be arriving in "a few weeks," according to Microsoft's description, posted on Tuesday.

Microsoft plans to charge for access, both for those using the Preview of the service, as well as at the time of "general availability" product release. The Windows Azure SQL Database Premium offering will cost $30 per day for one core and 8 GB of RAM or $60 per day for two cores and 16 GB of RAM.