{"id":2298,"date":"2024-08-28T10:22:00","date_gmt":"2024-08-28T10:22:00","guid":{"rendered":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/?p=2298"},"modified":"2026-05-12T15:23:35","modified_gmt":"2026-05-12T15:23:35","slug":"identity-access-management","status":"publish","type":"post","link":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview","title":{"rendered":"Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) &#8211; Part 1: Overview"},"content":{"rendered":"\n<h3 class=\"wp-block-heading\"><\/h3>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading2298_c7387d-2a, .wp-block-kadence-advancedheading.kt-adv-heading2298_c7387d-2a[data-kb-block=\"kb-adv-heading2298_c7387d-2a\"]{font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading2298_c7387d-2a mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading2298_c7387d-2a[data-kb-block=\"kb-adv-heading2298_c7387d-2a\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading2298_c7387d-2a img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading2298_c7387d-2a[data-kb-block=\"kb-adv-heading2298_c7387d-2a\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<h2 class=\"kt-adv-heading2298_c7387d-2a wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading2298_c7387d-2a\">Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) &#8211; Part 1: Overview<\/h2>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading2298_3ff337-78, .wp-block-kadence-advancedheading.kt-adv-heading2298_3ff337-78[data-kb-block=\"kb-adv-heading2298_3ff337-78\"]{font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading2298_3ff337-78 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading2298_3ff337-78[data-kb-block=\"kb-adv-heading2298_3ff337-78\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading2298_3ff337-78 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading2298_3ff337-78[data-kb-block=\"kb-adv-heading2298_3ff337-78\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading2298_3ff337-78 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading2298_3ff337-78\">I was the IAM architect for a Global fortune 500 CPG company for many years. The enterprise was in the midst of a major transformation to modernize and simplify the environment while improving security posture and improving end user experience. The transformation included a new cloud strategy, a new HRMS, and a change in strategy from best of breed to an integrated platform.<br>\u200d<br>This enterprise decided early on in 2016 to adopt a cloud only strategy. To help seal the deal and ensure the strategy was adhered to the enterprise sold their datacenters, requiring that all infrastructure and applications migrate to a multi-cloud environment within a 24 month timeline.<br>\u200d<br>This posed many challenges to include many related to identity and access management. The majority of applications, around 600, were integrated with an on-premises web access management (WAM) tool providing SSO based on Active Directory credentials. There also was a perceived notion that this environment was unstable and there was a strong desire to replace it. The decision was made to replace the existing access management with a cloud service, so Azure AD (now Entra ID) was chosen.<br>\u200d<br><strong>The organization had previously adopted Office 365 and had established an Azure AD tenant, directory, and related infrastructure. All of this needed to be reviewed and updated to support the user data required to provide for enterprise access management., which included:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Synchronizing all user and group identities to AAD<\/li>\n\n\n\n<li>Syncing custom attributes from AD to AAD<\/li>\n\n\n\n<li>AADC upgrades<\/li>\n\n\n\n<li>How to handle B2B AD user accounts<\/li>\n\n\n\n<li>Migrate off on-premises Web Access Management tool<\/li>\n\n\n\n<li>Enable the change of HRMS solutions<\/li>\n\n\n\n<li>Enable MFA<\/li>\n\n\n\n<li>Adopt adaptive authentication<\/li>\n<\/ul>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading2298_11d578-b4, .wp-block-kadence-advancedheading.kt-adv-heading2298_11d578-b4[data-kb-block=\"kb-adv-heading2298_11d578-b4\"]{margin-top:3.5rem;font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading2298_11d578-b4 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading2298_11d578-b4[data-kb-block=\"kb-adv-heading2298_11d578-b4\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading2298_11d578-b4 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading2298_11d578-b4[data-kb-block=\"kb-adv-heading2298_11d578-b4\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading2298_11d578-b4 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading2298_11d578-b4\"><strong>We developed a strategy to categorize applications by types, allowing a \u201cfactory approach\u201d to migration:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Modern apps (SAML enabled i.e SaaS)<\/li>\n\n\n\n<li>Existing Header based SSO enabled applications<\/li>\n\n\n\n<li>Custom Apps which would need updates or transformation<\/li>\n\n\n\n<li>Non-SSO enabled applications<\/li>\n<\/ul>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading2298_7ce29f-60, .wp-block-kadence-advancedheading.kt-adv-heading2298_7ce29f-60[data-kb-block=\"kb-adv-heading2298_7ce29f-60\"]{margin-top:3.5rem;font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading2298_7ce29f-60 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading2298_7ce29f-60[data-kb-block=\"kb-adv-heading2298_7ce29f-60\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading2298_7ce29f-60 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading2298_7ce29f-60[data-kb-block=\"kb-adv-heading2298_7ce29f-60\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading2298_7ce29f-60 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading2298_7ce29f-60\">An additional challenge at the time was the lack of Azure App Proxy support for header based SSO with applications. Even now with &nbsp;App Proxy support of header-based authentication, it still has some limitations for global organizations. Deploying Azure App Proxy requires that all application traffic traverse the internet to the Azure App Proxy service and then on to App Proxy connector deployed near the application. This solution does not allow for using the optimized corporate network, minimizing bandwidth and utilizing LAN speed to allow direct access from client to application.<br>\u200d<br>The Solution \u2013 Utilize Azure AD as the single authentication control plane for authentication and conditional access with App Proxy for access while remote from company network but place an \u201cauthentication bridge\u201d near applications to integrate Azure AD OpenID Connect to legacy application authentication like those still relying on HTTP Headers.<br>\u200d<br>The authentication bridge was based on Open Source components using Apache HTTP Server as a reverse Proxy, various Apache modules like&nbsp;<a href=\"https:\/\/httpd.apache.org\/docs\/2.4\/mod\/mod_rewrite.html\" target=\"_blank\" rel=\"noreferrer noopener\">mod_rewrite<\/a>\u2013 handle necessary changes for urls,&nbsp;<a href=\"https:\/\/httpd.apache.org\/docs\/2.4\/mod\/mod_headers.html\" target=\"_blank\" rel=\"noreferrer noopener\">mod_headers<\/a>&nbsp;\u2013set HTTP headers and&nbsp;<a href=\"https:\/\/httpd.apache.org\/docs\/2.2\/mod\/mod_mem_cache.html\" target=\"_blank\" rel=\"noreferrer noopener\">mod_memcache<\/a>\u2013 maintain session cache. We still needed a way to take the modern authentication from Azure AD and get the user authenticated into the Apache Reverse Proxy, and that is where modules like&nbsp;<a href=\"https:\/\/github.com\/zmartzone\/mod_auth_openidc\" target=\"_blank\" rel=\"noreferrer noopener\">mod_auth_openidc&nbsp;<\/a>or&nbsp;<a href=\"https:\/\/www.shibboleth.net\/products\/\" target=\"_blank\" rel=\"noreferrer noopener\">Shibboleth<\/a>&nbsp;help to get that local authentication and necessary user profile information to Apache. This also allowed us to use the same policy data to perform local authorization bypassing App Proxy for application traffic other than the initial user authentication.<\/p>\n\n\n<style>.kb-image2298_911e95-dc .kb-image-has-overlay:after{opacity:0.3;}<\/style>\n<div class=\"wp-block-kadence-image kb-image2298_911e95-dc\"><figure class=\"aligncenter size-full\"><img decoding=\"async\" width=\"935\" height=\"681\" src=\"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf60c274508dbed623c7f6_66cf5e3134dc40ea25cf852c_corporate20network_result.webp\" alt=\"\" class=\"kb-img wp-image-2316\" srcset=\"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf60c274508dbed623c7f6_66cf5e3134dc40ea25cf852c_corporate20network_result.webp 935w, https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf60c274508dbed623c7f6_66cf5e3134dc40ea25cf852c_corporate20network_result-300x219.webp 300w, https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf60c274508dbed623c7f6_66cf5e3134dc40ea25cf852c_corporate20network_result-768x559.webp 768w\" sizes=\"(max-width: 935px) 100vw, 935px\" \/><figcaption>OpenID&nbsp;Connect \/ SAML&nbsp;Authentication.<\/figcaption><\/figure><\/div>\n\n\n<style>.wp-block-kadence-advancedheading.kt-adv-heading2298_aefed1-43, .wp-block-kadence-advancedheading.kt-adv-heading2298_aefed1-43[data-kb-block=\"kb-adv-heading2298_aefed1-43\"]{margin-top:0rem;font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading2298_aefed1-43 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading2298_aefed1-43[data-kb-block=\"kb-adv-heading2298_aefed1-43\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading2298_aefed1-43 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading2298_aefed1-43[data-kb-block=\"kb-adv-heading2298_aefed1-43\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading2298_aefed1-43 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading2298_aefed1-43\">In the next installments I will discuss technical details regarding Azure AD extension attributes, extending JWT\/SAML claims through custom claims, Apache server configuration and migration techniques.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) &#8211; Part 1: Overview I was the IAM architect for a Global fortune 500 CPG company for many years. The enterprise was in the midst of a major transformation to modernize and simplify the environment while improving security posture and improving [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2301,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","footnotes":""},"categories":[36],"tags":[],"industries_categories":[],"class_list":["post-2298","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-identity-access-management"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Insights | Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) - Part 1: Overview<\/title>\n<meta name=\"description\" content=\"Discover how I navigated the complex IAM transformation for a Fortune 500 CPG company shifting to a cloud-only strategy. This post covers our transition from on-premises Web Access Management to Azure AD, addressing challenges like application integration and MFA. Learn about our innovative use of an authentication bridge with open-source tools to overcome Azure App Proxy limitations. Stay tuned for detailed insights in the upcoming installments!\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Insights | Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) - Part 1: Overview\" \/>\n<meta property=\"og:description\" content=\"Discover how I navigated the complex IAM transformation for a Fortune 500 CPG company shifting to a cloud-only strategy. This post covers our transition from on-premises Web Access Management to Azure AD, addressing challenges like application integration and MFA. Learn about our innovative use of an authentication bridge with open-source tools to overcome Azure App Proxy limitations. Stay tuned for detailed insights in the upcoming installments!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/\" \/>\n<meta property=\"og:site_name\" content=\"Collective Insights\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-28T10:22:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-05-12T15:23:35+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"2560\" \/>\n\t<meta property=\"og:image:height\" content=\"1435\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/\"},\"author\":{\"name\":\"Admin\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#\\\/schema\\\/person\\\/a0cbafe0952a8524f4804ce7f736b62f\"},\"headline\":\"Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) &#8211; Part 1: Overview\",\"datePublished\":\"2024-08-28T10:22:00+00:00\",\"dateModified\":\"2026-05-12T15:23:35+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/\"},\"wordCount\":634,\"publisher\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp\",\"articleSection\":[\"Identity &amp; Access Management\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/\",\"url\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/\",\"name\":\"Insights | Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) - Part 1: Overview\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp\",\"datePublished\":\"2024-08-28T10:22:00+00:00\",\"dateModified\":\"2026-05-12T15:23:35+00:00\",\"description\":\"Discover how I navigated the complex IAM transformation for a Fortune 500 CPG company shifting to a cloud-only strategy. This post covers our transition from on-premises Web Access Management to Azure AD, addressing challenges like application integration and MFA. Learn about our innovative use of an authentication bridge with open-source tools to overcome Azure App Proxy limitations. Stay tuned for detailed insights in the upcoming installments!\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/blog-posts\\\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\\\/#primaryimage\",\"url\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp\",\"contentUrl\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp\",\"width\":2560,\"height\":1435},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#website\",\"url\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/\",\"name\":\"Collective Insights\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#organization\",\"name\":\"Collective Insights\",\"url\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/collective-insights-logo-reversed.png\",\"contentUrl\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/collective-insights-logo-reversed.png\",\"width\":585,\"height\":155,\"caption\":\"Collective Insights\"},\"image\":{\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/#\\\/schema\\\/person\\\/a0cbafe0952a8524f4804ce7f736b62f\",\"name\":\"Admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/66c9c50451d1eb412b776c5e61746540181486d11930786c085e45abfa640b8a?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/66c9c50451d1eb412b776c5e61746540181486d11930786c085e45abfa640b8a?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/66c9c50451d1eb412b776c5e61746540181486d11930786c085e45abfa640b8a?s=96&d=mm&r=g\",\"caption\":\"Admin\"},\"sameAs\":[\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\"],\"url\":\"https:\\\/\\\/modomodostage.com\\\/_client\\\/CIN\\\/CIN016\\\/author\\\/wla\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Insights | Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) - Part 1: Overview","description":"Discover how I navigated the complex IAM transformation for a Fortune 500 CPG company shifting to a cloud-only strategy. This post covers our transition from on-premises Web Access Management to Azure AD, addressing challenges like application integration and MFA. Learn about our innovative use of an authentication bridge with open-source tools to overcome Azure App Proxy limitations. Stay tuned for detailed insights in the upcoming installments!","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Insights | Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) - Part 1: Overview","og_description":"Discover how I navigated the complex IAM transformation for a Fortune 500 CPG company shifting to a cloud-only strategy. This post covers our transition from on-premises Web Access Management to Azure AD, addressing challenges like application integration and MFA. Learn about our innovative use of an authentication bridge with open-source tools to overcome Azure App Proxy limitations. Stay tuned for detailed insights in the upcoming installments!","og_url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/","og_site_name":"Collective Insights","article_published_time":"2024-08-28T10:22:00+00:00","article_modified_time":"2026-05-12T15:23:35+00:00","og_image":[{"width":2560,"height":1435,"url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp","type":"image\/webp"}],"author":"Admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Admin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/#article","isPartOf":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/"},"author":{"name":"Admin","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#\/schema\/person\/a0cbafe0952a8524f4804ce7f736b62f"},"headline":"Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) &#8211; Part 1: Overview","datePublished":"2024-08-28T10:22:00+00:00","dateModified":"2026-05-12T15:23:35+00:00","mainEntityOfPage":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/"},"wordCount":634,"publisher":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#organization"},"image":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/#primaryimage"},"thumbnailUrl":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp","articleSection":["Identity &amp; Access Management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/","url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/","name":"Insights | Modernizing Identity and Access: Move to the cloud with Entra ID (Formerly Azure AD) - Part 1: Overview","isPartOf":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#website"},"primaryImageOfPage":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/#primaryimage"},"image":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/#primaryimage"},"thumbnailUrl":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp","datePublished":"2024-08-28T10:22:00+00:00","dateModified":"2026-05-12T15:23:35+00:00","description":"Discover how I navigated the complex IAM transformation for a Fortune 500 CPG company shifting to a cloud-only strategy. This post covers our transition from on-premises Web Access Management to Azure AD, addressing challenges like application integration and MFA. Learn about our innovative use of an authentication bridge with open-source tools to overcome Azure App Proxy limitations. Stay tuned for detailed insights in the upcoming installments!","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/blog-posts\/modernizing-identity-and-access-move-to-the-cloud-with-entra-id-formerly-azure-ad-part-1-overview\/#primaryimage","url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp","contentUrl":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-scaled.webp","width":2560,"height":1435},{"@type":"WebSite","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#website","url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/","name":"Collective Insights","description":"","publisher":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#organization","name":"Collective Insights","url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#\/schema\/logo\/image\/","url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/04\/collective-insights-logo-reversed.png","contentUrl":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/04\/collective-insights-logo-reversed.png","width":585,"height":155,"caption":"Collective Insights"},"image":{"@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/#\/schema\/person\/a0cbafe0952a8524f4804ce7f736b62f","name":"Admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/66c9c50451d1eb412b776c5e61746540181486d11930786c085e45abfa640b8a?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/66c9c50451d1eb412b776c5e61746540181486d11930786c085e45abfa640b8a?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/66c9c50451d1eb412b776c5e61746540181486d11930786c085e45abfa640b8a?s=96&d=mm&r=g","caption":"Admin"},"sameAs":["https:\/\/modomodostage.com\/_client\/CIN\/CIN016"],"url":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/author\/wla\/"}]}},"taxonomy_info":{"category":[{"value":36,"label":"Identity &amp; Access Management"}]},"featured_image_src_large":["https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-content\/uploads\/2026\/05\/66cf6073482d2f7605722639_AdobeStock_748256906_result-1024x574.webp",1024,574,true],"author_info":{"display_name":"Admin","author_link":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/author\/wla\/"},"comment_info":0,"category_info":[{"term_id":36,"name":"Identity &amp; Access Management","slug":"identity-access-management","term_group":0,"term_taxonomy_id":36,"taxonomy":"category","description":"","parent":50,"count":10,"filter":"raw","cat_ID":36,"category_count":10,"category_description":"","cat_name":"Identity &amp; Access Management","category_nicename":"identity-access-management","category_parent":50}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/posts\/2298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/comments?post=2298"}],"version-history":[{"count":5,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/posts\/2298\/revisions"}],"predecessor-version":[{"id":2524,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/posts\/2298\/revisions\/2524"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/media\/2301"}],"wp:attachment":[{"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/media?parent=2298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/categories?post=2298"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/tags?post=2298"},{"taxonomy":"industries_categories","embeddable":true,"href":"https:\/\/modomodostage.com\/_client\/CIN\/CIN016\/wp-json\/wp\/v2\/industries_categories?post=2298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}