Organizations that use Microsoft Azure Active Directory for managing corporate identities can leverage this infrastructure for authenticating into Luminate. Both end-user and administrator identities can be used to provide Role Based Access Control to various corporate resources and services.

When authenticating via Azure Active Directory, Luminate leverages the Federated Identity Provider capabilities, redirecting the user to authenticate with Azure AD, while keeping the user's identity for SSO to applications that support Azure AD Authentication.

Schematically, the work with Azure AD looks like the below:

Azure_Active_Directory_Authentication.PNG

A similar configuration may be used to perform authentication via the on-premises Microsoft Active Directory infrastructure. In order to do that, either Azure AD Connect component should be used to synchronize the on-premises directory to the cloud, or an Active Directory Federation Services (ADFS) component should be deployed to allow authentication with on-premises directory.

When working with Azure AD Connect, the configuration looks schematically like the below:

 Azure_Active_Directory_Authentication_with_Azure_AD_Connect.PNG

Attached document describes the configuration steps that need to be taken in order to configure Active Directory as an Identity Provider used for authentication by Luminate. In order to configure authentication with Active Directory Federation Services, please see a separate article.