Class 3 - Leverage Azure AD to protect Cloud Apps

In this class, we will check that user1 can access any cloud app federated with Azure AD.

The current config

In the real world, companies deploy applications on premises and in public clouds. If a company uses Azure AD as its IDaaS, it will federate all of its cloud apps with its Azure AD tenant.

This is what we prepared for you in this lab. This application is federated with our Azure AD tenant.

You have nothing to configure on the APM side, as everything is handled between the cloud app and Azure AD. In the Azure portal, we configured OAuth for the cloud app, so that every user reaching this app is redirected to the Azure login page.

../_images/OIDC1.png

Test your deployment

  1. RDP to the Win10 machine with username user and password user

  2. Open the Microsoft Edge browser (the icon is on the Desktop)

  3. Click on the bookmark Wordpress Cloud App

  4. You will be redirected to the Azure AD login page (it can take a while - look at the address bar). Log in as user1@f5access.onmicrosoft.com, and ask your instructor for the password (if prompted). You already have a session up and running in Azure AD from the previous class.

  5. You are redirected to the cloud app in the Azure cloud, and can access the Wordpress-UDF application.

    ../_images/WP.png
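
What to look for in the address bar at step 4, as an added example that is not part of the original lab guide: the function below checks a copied authorization request URL for the properties a correctly federated app should show. It assumes the app uses the authorize endpoint on login.microsoftonline.com with the authorization code flow; the function name, client_id, redirect host, state and nonce are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: the cloud app sends users to the Azure AD authorize endpoint on this host.
AZURE_AD_HOST = "login.microsoftonline.com"

def check_authorize_redirect(url, expected_redirect_host):
    """Return findings for an OAuth/OIDC authorization request URL ([] = as expected)."""
    parts = urlsplit(url)
    query = parse_qs(parts.query)  # values are URL-decoded
    first = lambda name: query.get(name, [""])[0]
    findings = []
    if parts.scheme != "https":
        findings.append("authorization request is not sent over https")
    # Exact host match: a lookalike such as <idp-host>.other.tld must not pass.
    if parts.hostname != AZURE_AD_HOST:
        findings.append(f"unexpected identity provider host: {parts.hostname}")
    if not parts.path.rstrip("/").endswith("/authorize"):
        findings.append("path is not an authorize endpoint")
    if not first("client_id"):
        findings.append("client_id missing")
    if "code" not in first("response_type").split():
        findings.append("response_type does not request an authorization code")
    redirect = urlsplit(first("redirect_uri"))
    if redirect.scheme != "https" or redirect.hostname != expected_redirect_host:
        findings.append("redirect_uri does not return to the cloud app over https")
    if not first("state"):
        findings.append("state missing (callback cannot be tied to this browser session)")
    if "openid" in first("scope").split() and not first("nonce"):
        findings.append("OIDC request without nonce (ID token replay not detectable)")
    return findings

# Constructed sample URLs; only the tenant domain comes from the lab guide.
GOOD = ("https://login.microsoftonline.com/f5access.onmicrosoft.com/oauth2/v2.0/authorize"
        "?client_id=00000000-0000-0000-0000-000000000000&response_type=code"
        "&redirect_uri=https%3A%2F%2Fwordpress.example.invalid%2Fcallback"
        "&scope=openid+profile&state=abc123&nonce=n-0S6")
BAD = ("http://login.microsoftonline.com.example.invalid/common/oauth2/authorize"
       "?client_id=x&response_type=token"
       "&redirect_uri=http%3A%2F%2Fwordpress.example.invalid%2Fcallback&scope=openid")

if __name__ == "__main__":
    for label, url in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_authorize_redirect(url, "wordpress.example.invalid") or "ok")
```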