Azure Active Directory as Identity Provider

We need to configure AAD as an Identity Provider to retrieve USERS accessing the SPP.

What is the best way to proceed? Do we also have to configure Starling Connect in order to configure AAD in the Identity Provider section? What type of selection should we make? Active Directory or External Federation type?
Now in the customer's environment only EXTERNAL FEDERATION is configured to have the MFA but we must also configure it as an Identity Provider.

Also, is it necessary a specific license to join to Starling Connect?

I hope to be clear.

Thank you very much for your help

Parents Reply
  • Hey Dario/Tawfiq,

    Just came across this thread and wanted to understand more for my customer's use case. So if the use case is to have AAD user login and have Windows Authenticator as 2FA, we would need to configure SCIM to create, update, delete users into Safeguard and have External Federation to AAD for Secondary Authentication via Windows Authenticator.

    With this configured, in terms of user experience on the login page, would the user first authenticate with email and password, click login and asked to login again via Microsoft login portal which has Windows authenticator? 

    Thanks!

    --Cyril

Children