Posted on

Add Microsoft Authenticator MFA to AWS Accounts

The aim of this post is to configure policies in AWS to allow accounts that have been provisioned for users with specific permissions to register for MFA themselves.  The authenticator we will be using is the Microsoft IOS app but it could also be Google or any other authenticator.

Continue reading “Add Microsoft Authenticator MFA to AWS Accounts”

Posted on

Configuring Azure Active Directory as an Identity Source for multiple applications

Configuring Azure Active Directory as an Identity Source for multiple applications

The main driver for this post was a project I had started to migrate all of our applications that were currently using Okta as an Identity Source to Azure Active Directory.   An Identity Source is authentication mechanism that you can use instead of the defaults that the application provides.  If you also use Office 365 you probably use Azure AD for Single Sign On (SSO) already.  This can be extended to other applications such as Salesforce not just for Office 365.

The reasons for this were mainly financial as we had already paid for Office 365 E3 + EMS licences.  We therefore had the identity services built in already so it didn’t make sense to continue to pay Okta for the same service.  I will go through setting up a number of applications in Azure AD including; AWS Console, BlueJeans, Concur, Dynatrace, Litmos, EmPerform, PeopleHR, Salesforce and Secret Server.  All applications use SAML and we will go through the configuration for each individual application below.

Continue reading “Configuring Azure Active Directory as an Identity Source for multiple applications”