Support for more apps with Azure AD Application Proxy

Howdy folks,

Today, I have the privilege to tell you about the public preview of two new features for Application Proxy that make it even easier to provide secure remote access to on-premises applications:

  • Support for SAML single sign-on (SSO)
  • Support for finer grained management of application cookies

Support for more apps with Azure AD Application Proxy 1.png

SAML SSO support

The public preview for SAML SSO support with Application Proxy is now available.

Whether you already have an on-premises SAML application that's ready to publish or are looking to modernize your application's protocol, you now have an easy way to provide external access and SSO to your application.

Setting up SAML SSO with your on-premises application uses the same standard pattern as setting up SAML SSO for your cloud applications. The application must be using SAML with as the identity provider. You can also use this with the recently released preview for SAML token encryption. To learn more about configuring SAML SSO with Application Proxy see our documentation.

Support for more apps with Azure AD Application Proxy 2.png

Application cookie settings

To help meet your security and compliance requirements, the following settings for Application Proxy access and session cookies are now available:

  • Use HTTP-Only Cookie—Protects cookies against actions like copying or modifying the cookies from client-side scripting.
  • Use Secure Cookie—Ensures cookies are only transmitted over secure channels to prevent cookies from being observed by unauthorized parties.
  • Use Persistent Cookie—Sets the access cookie to not expire when the web browser is closed and persists for the lifetime of the access token.

For full details and recommendations about these cookie settings, see Cookie settings for accessing on-premises applications in Azure AD.

Support for more apps with Azure AD Application Proxy 3.png

As always, we'd love to receive any suggestions or feedback you have, so please comment below or on the Azure AD feedback forum.

Best Regards, 

Alex Simons (@Alex_A_Simons)

Corporate VP of Program Management

Microsoft Identity Division


This article was originally published by Microsoft's Secure Blog. You can find the original article here.