Compatibility of Azure Service Principal Accounts with Adobe Workfront and Fusion SSO
Transitioning from SiteMinder to Azure Single Sign-On (SSO) for authentication raises questions about whether Azure Service Principal Accounts can be used to authenticate into Adobe Workfront and Fusion, replacing traditional service accounts tied to email addresses. This article addresses the compatibility of these accounts and provides guidance on their configuration.
Description description
Environment
Adobe Workfront and Fusion
Issue/Symptoms
During the transition from SiteMinder to Azure-based Single Sign-On (SSO), there are concerns about whether Azure Service Principal Accounts can be used to authenticate into Adobe Workfront and Fusion. This stems from fundamental differences between traditional SiteMinder service accounts (typically tied to email identities) and Azure’s Service Principal Accounts, which follow a different identity and configuration model.
Resolution resolution
To ensure smooth transition of your authentication systems from SiteMinder to Azure SSO, follow these guidelines:
- The ability to use an Azure Service Principal Account for SSO depends on Microsoft’s configuration capabilities. Consult Microsoft support to confirm whether your desired account type can be used for SSO integration with Adobe products.
- When creating an account in the Adobe Admin Console, specify the username, email address, first name, last name, and country code. Admin Console doesn’t differentiate or recognize specific account types but requires basic user information for account setup.
- If your instance has been migrated to the Admin Console, adding a user/account is supported as long as the required information is provided during setup. Ensure that any necessary configurations are completed on the Microsoft side before attempting integration with Adobe Workfront or Fusion.
- For further assistance or clarification, contact Adobe Support directly.