Azure Active Directory Authentication

Azure Active Directory (Azure AD) is Microsoft's multi-tenant, cloud-based directory and identity management service. Azure Active Directory authentication uses Microsoft Azure Active Directory as an identity provider (IdP) to implement SAML-based single sign-on (SSO) for user authentication and to automate user synchronization between your Azure AD and TMWS.

This section describes how to configure Azure AD as a SAML (2.0) identity provider to work with TMWS.

When there are multiple domains, they all use the same authentication method, which is one of Direct, AD FS, Agent, Okta, or Azure AD. Each domain shares the same settings under the Azure AD authentication method.

Note:

With this authentication method, hosted users are not able to access websites through TMWS. If you need to manage hosted user accounts, add them in your Azure AD first.

Before you begin configuring Azure AD, make sure that:

  • You have a valid subscription with the Azure AD Free, Office 365 apps, Premium P1, or Premium P2 edition.

  • You are logged on to the management console as a TMWS administrator.

  • You have a Global Admin or Co-admin account in Azure.

  1. Add TMWS as a new enterprise application in Azure AD.
  2. Configure TMWS SSO and synchronization settings in Azure AD.
  3. Configure Azure AD settings on TMWS.
  4. Add domains and synchronize users and groups from Azure AD.
  5. Test single sign-on to TMWS.