Single sign-on using Azure Active Directory
If you use Microsoft's Azure Active Directory (AAD) as your identity provider you can use it to provide your users with single sign-on to the ESB platform.
Once we have enabled your installation for access via Azure AD, all that is required on your part is for a user with sufficient privileges in your organisation's Active Directory domain to log into your ESB installation and authorise it so that other users in your domain can access it. This is typically a user within your organisations IT department.
There is no need for you to create or register ESB within your own Azure AD tenant as we already publish the ESB platform as a multi-tenanted application. This means that all signing certificates are handled by ourselves and there is no ongoing maintenance required by your IT department when certificates need to be renewed, nor is there any need to exchange metadata with your AD tenant.
How do I know if my ESB installation is enabled for single sign-on?
If we have enabled your installation for single sign-on you will see a Sign in with Microsoft button on the ESB login page. Clicking this button will initiate the single sign-on process.