Today, Microsoft announced the Insider preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices (such as FIDO2 keys). This preview includes the following:
- Enable a single sign-on experience to Azure AD-joined and Hybrid Azure AD-joined session hosts
- Use passwordless authentication to sign in to the host using Azure AD
- Use passwordless authentication inside the session
- Use third-party Identity Providers (IdP) that integrate with Azure AD to sign in to the host
Getting started
This new functionality is currently available in Insider builds of Windows 11 22H2, available in the Azure gallery when deploying new session hosts in a host pool.
- Want a quick overview of the new functionality? Watch this intro video on Azure Academy!
- To get started with single sign-on, follow the instructions to Configure single sign-on which will guide you in enabling the new authentication protocol.
- To start using Windows Hello and FIDO2 keys inside the session, follow the instructions for In-session passwordless authentication To use the new WebAuthn redirection functionality.
- Learn more about the supported authentication methods supported by Azure Virtual Desktop, including single sign-on on our Identities and authentication page.
In any case, we are keeping an eye on these developments for all our clients, because a passwordless world is what we all want to get to, right? Because that's #superlogical
