Sharon walks through the process of adding SaaS applications that are not available via the Azure Gallery, leveraging AAD for access and control.
- [Instructor] We've seen how to add an application that was already available to us in the gallery. Now let's go ahead and add an application that is not in the gallery. To do so, I've already logged into Azure. And I'm already in the Azure active directory blade. And I'm going to go ahead and click enterprise applications. I'm going to go ahead and click add again. And here, we're going to bring our own app. I'm going to take the non-gallery application initially. Provide a name for your application.
And bring in your own application, supports SAML based sign on, application proxy. Automatic user provisioning with system for cross domain identity management too. And password, single sign on and I'm going to go ahead and click add, it will take a few moments for this application to be added into our Azure active directory. And now we can go ahead and step through the process. Before we start that, just to let you know, I do not have a line of business application set up somewhere else and I'm running through this for demo only.
First we're going to go ahead and assign a user for testing. I'm going to go ahead, add myself. I click add and your user's in groups. And again, this is all going to be very similar to what we've already done for any of the applications we added from our gallery. Go ahead select your user and then click select. And then assign, we'll wait a moment. And then go ahead and close the blade now that our user has been assigned. Next, we're going to go ahead and create our test user.
You'll notice that we have two options here. We have manual and automatic, in the manual mode, we will go ahead and create that user within that application. In the automatic mode, Azure active directory will go ahead and create that user within that application. There are a handful of applications in which you can do this, Fox is one of them, G Suite for Business is another, Facebook for work is also another application that you can go ahead and figure this automatic provisioning with. Again, there are only a handful.
Always check the documentation first. In this example, you would have to go ahead and provide the tenant URL and the secret token in order for Azure active directory to be able to provision that user within the application. Again, because I do not actually have an application, I'm going to go ahead and discard this. And then I'm going to go ahead and close the blade. Next, we can go ahead and configure single sign on. We can select from SAML based sign on, password based sign on, or linked sign on.
I'm going to go ahead and just take the password. And here you're going to enter in the URL. Again, I do not have a real line of business application to use, I'm going to enter in a URL and it will fail. You would have the actual URL where your users would enter their username and password. I'm going to go ahead and click save. And I am expecting an error and this would be normal behavior because I do not have a proper sign in page.
But again, this is demo, so I'm okay with it. Next, you can go ahead and configure self service if you'd like to do that and we've already talked about that in a previous video. And finally, you're going to deploy single sign on. I'm going to go ahead and Sharon's already in there, so we'll just go ahead and leave this. I can go ahead and close the blade. I'm going to log out and we're going to go ahead and login to the access panel to show you what this looks like. I'm going to go ahead and sign in to myapps.microsoft.com.
And you'll see that we now have the bennettlob. If I click on it, it is just going to fail. And it will error because there is no login page for it. Just because you don't see your application within the gallery, doesn't mean that you can't add in your own application into Azure active directory.
- Azure AD
- Adding company branding
- Adding a custom domain
- AD Connect configuration
- AD Connect Health
- Administering users and groups
- Configuring SaaS applications
- Granting conditional access
- Revoking access
- Application proxy and discovery
- Integrating web and desktop applications
- Creating an Azure AD B2C directory
- Registering an application
- Creating a Microsoft identity