Académique Documents
Professionnel Documents
Culture Documents
REST APIs
GRAPH APIs
Synchronise users
from your AD DS
https://www.microsoft.com/en-us/cloud-platform/azure-active-directory-features
Port Number Description
80 To enable outbound HTTP traffic for security validation.
To enable user authentication against Azure AD (required only for the Connector registration
443
process)
10100 - 10120 To enable LOB HTTP responses sent back to the proxy
To enable communication between the Connector toward the Azure service for incoming
9352, 5671
requests. Uses 443 when configured to use a forward proxy.
9350 Optional. To enable better performance for incoming requests.
8080 To enable the Connector bootstrap sequence and to enable Connector automatic update
9090 To enable Connector registration (required only for the Connector registration process)
9091 To enable Connector trust certificate automatic renewal
Azure AD
Application
Proxy
External
Published:
endpoint for App1
app1 with
application
passthrough Azure AD
Application proxy
Internet Azure connector On-premises
Azure AD Azure AD
endpoint for
authentication Possible sync
Authentication AD
Azure AD
Application
Proxy
External Published:
endpoint for app1 with App1
application preauth Azure AD
Application proxy
Internet Azure connector On-premises
Preauthentication flow Azure AD
Secure channel
Application
Proxy
Published: Authenticates
Azure AD
app1 with via Azure AD app1
preauth
User On-premises
Send app1 GET request connector
Redirected to Azure AD with authentication string
AzureAppProxyAccessCookie
App1
app1 GET request authenticates
Page rendered Passed through secure channel user with
selected method
Azure AD Azure AD
endpoint for
authentication Possible sync
Authentication
AD
KDC
Azure AD KCD
Kerberos token
Application injected into header
Proxy
External Published:
App1
endpoint for app1 with Kerberos auth
application preauth Azure AD
Application proxy
Internet Azure connector On-premises
Kerberos
Azure AD Azure AD Possible sync
endpoint for
authentication
Authentication Security AD
Azure AD token service
AAD App
Application
Proxy Trust
Proxy
External Published:
App1
endpoint for app1 with claims aware
application preauth
Azure AD
Application proxy
Internet Azure connector On-premises
Azure AD
endpoint for
authentication Possible sync
Authentication AD
Azure AD
Application
Proxy
External
Published: App1
endpoint for
app1 with claims aware
application Azure AD Trust
preauth
Application proxy
Azure Trust
connector
www.microsoft.com/itprocloudessentials
www.microsoft.com/mechanics
https://techcommunity.microsoft.com
http://myignite.microsoft.com
https://aka.ms/ignite.mobileapp