Mastering Identity and Access Management with Microsoft Azure

上QQ阅读APP看书，第一时间看更新

Provide user and group-based application access

In this section, we configure a typical workplace, which a user can access under the Access Panel UI (https://myapps.microsoft.com). We assign applications to users and groups to see the different capabilities. The steps don't contain all single sign-on or provisioning options. We will discuss these feature sets later in specific chapters.

Log in to https://portal.azure.com with your Global Administrator credentials and add several applications from the application gallery under the Enterprise applications section. After adding the applications, we assign the accounts, which are to be provided access.

Build a list of applications like the following, and assign all groups to access the applications, except the one with user provisioning:

Azure AD application management

You will note the differences in the format with and without user provisioning.

Test your newly configured workplace and log in as don.hall@domain.onmicrosoft.com to https://myapps.microsoft.com:

Azure AD access panel UI - application access

Also, test the user experience on Office 365 and log in as don.hall@domain.onmicrosoft.com to https://portal.office.com.

Next, we will assign applications to users.