In a previous post I did an introduction on come of the concepts of Azure AD usage with AX2012 Enterprise Portal, this is a follow-up post to going into some more detail.
Azure Active Directory is a capability in Azure to setup a directory service that you can use to manage users. For managing external users to access your website like the Dynamics AX Enterprise Portal it might be a good option to avoid having to manage an on-premise Active Directory. As well users could be related to another domain like a customers or vendor’s domain. This will give you some additional options for managing this user base.
Because AX2012 R3 can be configured to use Azure ACS to manage claims users means you can piggy back on this service to authenticate with Azure AD. This video walks through the process of creating a new Azure AD, setting that up as an Identity provider through Azure Control Services or ACS.
In this video I have already configured my SharePoint site running Enterprise Portal to have a trusted provide which is my ACS. If you want to do some background reading on the setup here are some useful links.
SharePoint Claims general concepts.
Deploying Enterprise Portal with Azure ACS.
Using Microsoft Azure Active Directory for SharePoint 2013 authentication
Adding an Azure AD Tenant as an identity provider in Azure ACS