I am a developer of applications with limited Internet time (SaaS). When I start, I expect that most of my clients will authenticate (log in) to my application using the standard email + password technique.
However, I would like to offer a more efficient single sign-on option for larger clients who will have ready-made communities of potential users of my system. Such communities will often run Windows desktop computers that have already authenticated against the internal corporate Windows domain controller.
I am looking for some option to improve the process of authenticating a user to a website and trusting or delegating authentication of a client’s domain. I would be a very junior partner in any such integration, so I doubt that a large corporation will allow me to launch a satellite domain controller connected to their system. Savings in SaaS will not allow the use of hardware VPNs.
The Azure cloud is likely to be used to host my SaaS application, if that helps clarify the options.