You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/virtual-desktop/authentication.md
+7-7Lines changed: 7 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -50,22 +50,22 @@ Azure Virtual Desktop currently doesn't support [external identities](/entra/ext
50
50
51
51
## Authentication methods
52
52
53
-
When accessing Azure Virtual Desktop resources, there are three separate authentication points:
53
+
When accessing Azure Virtual Desktop resources, there are three separate authentication phases:
54
54
55
-
-**Cloud service authentication**: Authenticating to the service, which includes subscribing to resources and authenticating to the Gateway, is with Microsoft Entra ID.
55
+
-**Cloud service authentication**: Authenticating to the Azure Virtual Desktop service, which includes subscribing to resources and authenticating to the Gateway, is with Microsoft Entra ID.
56
56
-**Remote session authentication**: Authenticating to the remote VM. There are multiple ways to authenticate to the remote session, including the recommended single sign-on (SSO).
57
57
-**In-session authentication**: Authenticating to applications and web sites within the remote session.
58
58
59
-
For the list of credential available on the different clients for each of the authentication point, [compare the clients across platforms](compare-remote-desktop-clients.md?pivots=azure-virtual-desktop).
59
+
For the list of credential available on the different clients for each of the authentication phase, [compare the clients across platforms](compare-remote-desktop-clients.md?pivots=azure-virtual-desktop#authentication).
60
60
61
61
>[!IMPORTANT]
62
62
>In order for authentication to work properly, your local machine must also be able to access the [required URLs for Remote Desktop clients](safe-url-list.md#remote-desktop-clients).
63
63
64
-
The following sections provide more information on these authentication points.
64
+
The following sections provide more information on these authentication phases.
65
65
66
66
### Cloud service authentication
67
67
68
-
To access Azure Virtual Desktop resources, you must first authenticate to the service by signing in with a Microsoft Entra ID account. Authentication happens whenever you subscribe to a workspace to retrieve your resources, connect to the gateway when launching a connection or when sending diagnostic information to the service. The Entra ID resource used for this authentication is Azure Virtual Desktop (app ID 9cdead84-a844-4324-93f2-b2e6bb768d07).
68
+
To access Azure Virtual Desktop resources, you must first authenticate to the service by signing in with a Microsoft Entra ID account. Authentication happens whenever you subscribe to retrieve your resources, connect to the gateway when launching a connection or when sending diagnostic information to the service. The Entra ID resource used for this authentication is Azure Virtual Desktop (app ID 9cdead84-a844-4324-93f2-b2e6bb768d07).
69
69
70
70
<aname='multi-factor-authentication'></a>
71
71
@@ -91,11 +91,11 @@ If you haven't already enabled [single sign-on](#single-sign-on-sso) or saved yo
91
91
92
92
#### Single sign-on (SSO)
93
93
94
-
SSO allows the connection to skip the session host credential prompt and automatically sign the user in to Windows. For session hosts that are Microsoft Entra joined or Microsoft Entra hybrid joined, it's recommended to enable [SSO using Microsoft Entra authentication](configure-single-sign-on.md). Microsoft Entra authentication provides other benefits including passwordless authentication and support for third-party identity providers.
94
+
SSO allows the connection to skip the session host credential prompt and automatically sign the user in to Windows through Microsoft Entra authentication. For session hosts that are Microsoft Entra joined or Microsoft Entra hybrid joined, it's recommended to enable [SSO using Microsoft Entra authentication](configure-single-sign-on.md). Microsoft Entra authentication provides other benefits including passwordless authentication and support for third-party identity providers.
95
95
96
96
Azure Virtual Desktop also supports [SSO using Active Directory Federation Services (AD FS)](configure-adfs-sso.md) for the Windows Desktop and web clients.
97
97
98
-
Without SSO, the client will prompt users for their session host credentials for every connection. The only way to avoid being prompted is to save the credentials in the client. We recommend you only save credentials on secure devices to prevent other users from accessing your resources.
98
+
Without SSO, the client prompts users for their session host credentials for every connection. The only way to avoid being prompted is to save the credentials in the client. We recommend you only save credentials on secure devices to prevent other users from accessing your resources.
0 commit comments