This blog post demonstrates how to use Azure Application Proxy.
Azure Application Proxy enables you to take an internal web application and make it securely available outside of your organisation. A few different authentication options can be enabled for your internal application to help secure it:
- If your application does not use and form of sign-in then Azures Active Directory (AAD) sign-in can be added to the public endpoint Azure Application Proxy provides.
- Pass through, relying on you on premise authentication.
- If your application does use Active Directory sign-in then you have the option to set up and use AAD based single sign-on. This post demonstrates that option.
If you would like to test the scenario described above, you may want to firstly create a simple application rather than using a real application. Part 1 of this blog shows how to do that using Visual Studio. If you already have a web application that authenticated against your local Active Directory, you can skip Parts 1,2 and 3. If you already have your Azure Active Directory synchronized with your local domain you can skip through Part 4 as well.
Part 1 – Creating a simple application with Visual Studio
Part 2 – Publishing the Application to a local IIS server
Part 3 – Setting up IIS for Authentication
Part 4 – Set up your Local Domain and Directory Synchronization
Part 5 – Enable Azure Application Proxy