This post has been republished via RSS; it originally appeared at: Azure Active Directory Identity Blog articles.
Last Microsoft Ignite, I shared how important partners have been in helping our customers enable a new way of work by providing secure and seamless access for their remote workforce. Our partners have continued to help customers adapt to this new way of working by integrating their applications and solutions– from supporting single sign-on and provisioning to passwordless authentication. In case you missed some of our recent partner announcements you can watch the February edition of New Partner Integrations with Microsoft identity below:
This week at Microsoft Ignite, we made several announcements to help strengthen Zero Trust defenses in the era of hybrid work. Today, I’d like to highlight partner integrations that complement these announcements and our built-in capabilities.
Making passwordless a reality
Earlier this week at Ignite we announced that passwordless authentication to deploy across cloud or hybrid environments is now generally available! Over 200 million users sign into their Microsoft personal or work accounts without passwords each month. Employees can use a wide range of passwordless solutions like Windows Hello for Business, Microsoft Authenticator app, and compatible FIDO2 security keys from our partners. Partners like Yubico, Feitan Technologies, and AuthenTrend have helped deliver a variety of options for you to go passwordless. And recently, ExcelSecu, Hypersecu, KONA I, Token2 and VinCSS have been added to the list of FIDO2 security key vendors compatible with our passwordless experience.
If you are a developer and want to support passwordless authentication with FIDO2 security keys in your apps, check out our best practices.
Building a more trustworthy identity ecosystem with identity verification
With Azure AD verifiable credentials available in public preview in just a few weeks we are partnering with leading identity verification providers to improve verifiability and secure information exchange. Verifiable credentials let organizations confirm information about a business or a user while protecting privacy. Azure AD customers will be able to issue and verify digital claims for employees, vendors, and customers using an open standards approach. Partnering with companies including Acuant, Au10tix, IDEMIA, Jumio, Onfido, Socure, and Vu Security will enable organizations to verify a wide variety of attributes, such as documents and electronic data, while giving individuals more control over access to their information.
Additionally, we are working with services partners to help customers take this next step towards greater privacy and verifiability. AffinitiQuest, Condatis, and Unify are joining us to get our customers started on this journey.
Protecting legacy apps and resources with new secure hybrid access partnerships
Our secure hybrid access partnerships allow customers to use their existing application delivery controllers and networks, VPNs and Software-Defined Perimeter apps to protect legacy, on-premises applications with Azure AD. New secure hybrid access partners that we’ve recently added include Datawiza, Perimeter 81, Silverfort, and Strata. Let’s take a closer look at how Silverfort is helping customers protect their legacy, on-premises apps.
In addition to connecting legacy, on-premises apps, partners like Silverfort can help discover, prioritize and then migrate apps and resources that may be hosted on-prem or in multi-cloud environments to Azure AD. Once applications are discovered and prioritized, customers can leverage Silverfort to connect these apps and resources in Azure AD and apply single sign-on and Conditional Access policies across on-prem and multi-cloud workloads. Watch our Ignite session Prevent attacks by protecting your applications with Azure Active Directory to learn more about our integration with Silverfort.
Strengthen security with Conditional Access authentication context
This week we also announced public preview of Azure AD Conditional Access authentication context. Conditional Access authentication context enables customers to apply different policies for different data and actions within an application. This adds data segmentation and stronger policies on high business impact or sensitive data. For example, instead of asking for multi-factor authentication every time a user needs to log into an app with sensitive data, you can ask for a step-up authentication for a specific action that they need to perform – like downloading confidential data. With the public preview we are adding support to several Microsoft services and third-party SaaS and line-of-business apps. Two partners that have built authentication context integrations are LumApps and Powell Software:
Simplifying identity management to the apps and platforms you use
The applications and services that our customers depend on extend across clouds and platforms. It’s why we are committed to ensure that our identity solutions work seamlessly and securely across platforms and extend to all clouds and apps. Our team continues to add new pre-integrated apps to our Azure AD app gallery and we have built deeper integrations with popular apps so you can get the most out of the tools that your organization already uses. Some integrations that we’ve recently added and updated include:
AWS Single sign-on
The AWS Single Sign-on (AWS SSO) application is now available in the Azure AD app gallery. The AWS SSO application makes it easy to centrally manage access to multiple AWS accounts and provides users with seamless access to all their assigned AWS accounts and resources from one place. As a pre-integrated application in the Azure AD app gallery, you can quickly connect Azure AD to AWS SSO and manage access to AWS centrally. Additionally, end users can sign into AWS SSO using their Azure AD credentials to access all their assigned AWS resources.
We’ve added new capabilities to our existing Workday integration giving customers more ways to streamline user provisioning and sign in experience. These new capabilities include the ability to writeback phone number fields from Azure AD to Workday and support provisioning of secondary job data and international assignment data from Workday to Azure AD. In the next few weeks, we will enhance the existing One-Click Single Sign-On configuration by enabling IT Admins to upload the Federation Metadata XML file of Azure AD into Workday. And finally, customers can quickly setup single sign-on for Workday mobile apps across iOS and Android and enforce Conditional Access policies to these mobile apps.
Get started with our partner integrations
Thank you to all our partners for developing solutions on our platform that have helped companies strengthen their Zero Trust defenses. We appreciate the partnership and look forward to more integrations in the future. Check out the Azure AD partner page to explore the partnerships you can take advantage to help you solve your identity and access needs and let us know what you think in the comments below.
Partner Director of Program Management
Microsoft Identity Division
- Top 7 Microsoft Identity partnership announcements at Ignite 2020
- 10 Reasons to Love Passwordless Series
- TAP Public preview blog
Learn more about Microsoft identity: