Information technology tools and resources at the UW
Azure Active Directory
Azure AD provides multiple cloud-based capabilities using emerging technologies. Capabilities include authentication & credential management, collaboration and application management, device management, information security, and Azure AD is a cloud-enabling capability.
The primary Azure AD tenant used at the UW is uwnetid.onmicrosoft.com. It has a default domain of cloud.washington.edu. The primary domain used by this tenant is uw.edu, with many UW NetIDs automatically provisioned for use. There are several other domains associated with this tenant like washington.edu and u.washington.edu. Other UW Azure AD tenants exist and are also managed.
A document which explains a broad set of common terminology associated with Azure Active Directory may help you navigate.
Use of some Azure services depends on having an Azure Active Directory tenant. The UW has guidance on when a new Azure AD Tenant should be created and when the existing enterprise Azure AD tenant should be leveraged. If in doubt, contact email@example.com for assistance.
There are many service options that Azure Active Directory provides. Among them are:
- Azure AD Security Token Service. Features UW NetID integration.
- Azure AD External Users. Features ability to collaborate with non-UW identities.
- Cloud to On-premises Token Translation (Azure AD Application Proxy). Features the ability to leverage the AAD STS authentication features for on-premises applications.
- Conditional Access. On a per application basis, restrict who can get a logon token for that application with a set of criteria that must be met. Requires additional purchase.
- Azure AD Directory Services. Features UW identity integration.
- Azure AD Graph API. Provides identity data interface.
- Application integration. Allows you to leverage Azure AD STS features with your own application or a 3rd party application which is pre-integrated. SaaS integration and cross-application functionality are powerful features.
- Azure MFA. Features phone based multi-factor authentication. Requires additional purchase.
- Azure RMS. Features encryption and protection capabilities leveraging cloud-issued, short-lived keys with support across a broad set of client platforms. May require additional purchase.