Today we’re going to walk through setting up Microsoft Azure AD’s new Conditional Access for Federated Applications, such as Workday, Salesforce, Concur and Google Apps for Work.
In order to start, we assume that you already have application federation in place, today we’ll be working with Salesforce. If you haven’t worked with federated applications yet, you can leverage Azure AD to cheap nfl jerseys automatically provision new user accounts in these applications as soon as a user is added to an application group! Saves the hassle of having to provision accounts in multiple portals!
The benefit of Multi-Factor Authentication here allows access to corporate SaaS applications while increasing security for me sensitive applications overall or just outside your corporate offices with the ability Finding to cheap mlb jerseys exempt a group of users as well.
We’re going to start by going to the cheap jerseys Configure tab.
Let’s scroll down and take wholesale jerseys a look at the access rules
You can see 2012+ there are new options to enable per-application Multi-factor Authentication. We can either globally enable it or enable it for a specific group of users, including the ability to add exceptions. In this case we’re going to shipping apply this rule to all, but we want to enable MFA when users are connecting outside of the office.
Let’s go ahead and check ALL USERS and Require multi-factor authentication when not at work
Let’s choose the option to define our network locations. In this case I’ll define our corporate office public IP range. We’ll then save the config and test!
We’ll test cheap jerseys internally first
Let’s go ahead and login
Let’s launch Salesforce. From inside, we should be taken directly to the Salesforce site with our corporate Salesforce account.
Now let’s test outside the organization. We don’t get prompted for MFA at login like the standard MFA does. However, when we launch the app, we get prompted to configure MFA for the first time
The 1st time you login, it will ask you to define your MFA type: Phone call, Text or Phone app.
We’ll setup the phone app
We get launched directly in!
Now we were already authenticated here. Let’s logoff and logon again to show the experience moving forward.
We’ve not configured Conditional Access leveraging Multi-factor authentication for Federated apps!