Posted by Cirrus Customer Success on Aug 4, 2021 11:24:01 AM

Cirrus Identity Bridge is Now Available in the Microsoft Azure AD App Gallery - Streamlining multilateral federation and CAS integrations for higher education institutions!

Cirrus Identity and Microsoft Azure AD Solution Partnership

As higher education budgets tighten and Identity and Access teams are stretched thinner, institutions are looking to maximize their existing investment in Microsoft Azure AD as their primary single sign-on (SSO) solution.  Many campuses have extensive integrations with Microsoft Active Directory and are positioning Azure AD as a central component of their IAM strategy and architecture. 

As active members of the higher education Identity and Access Management (IAM) community, Cirrus Identity has focused on providing Software-as-a-Service (SaaS) solutions to streamline access to systems for higher education institutions.  The Cirrus Identity Bridge makes it very easy for educational institutions to leverage the full value of Azure AD and their membership in multilateral federations like InCommon (United States), the Canadian Access Federation (CAF) and national federations that belong to eduGAIN (worldwide).  

And now, to make it even easier, the Cirrus Identity Bridge is available in the Microsoft Azure AD Application Gallery!  The Azure AD App Gallery helps customers easily discover and deploy identity solutions from trusted partners.

The Cirrus Identity Bridge fills two gaps common for higher education institutions that utilize Azure AD:  SAML multilateral federation and CAS authentication.  


IAM Challenges Solved by the Cirrus Identity Bridge

Cirrus SAML Bridge for Multilateral Federation Challenge:  The research and higher education community has developed a strong identity trust fabric to streamline secure collaboration across institutions throughout the world. Multilateral federation is the authentication framework used by members in federations like InCommon (United States), the UK Federation (UK) and other national federations that belong to eduGAIN (worldwide). 

Solution: Azure AD does not support multilateral federation and the Cirrus SAML Bridge makes it easy for institutions to use Azure AD for single sign-on (SSO) and join eduGAIN federations like InCommon.


Cirrus CAS Bridge Challenge:  The CAS authentication protocol is commonly used by higher education institutions.  Azure AD supports SAML, but does not support CAS authentication out-of-the-box.  

Solution:  The Cirrus CAS Bridge enables quick consolidation to Azure AD for SSO by supporting CAS authentication to applications that cannot be migrated to SAML or will take time to transition.


Value of Cirrus Identity Bridge and Azure AD

The Institutions that transition to Azure AD as their primary SSO are leveraging the following benefits:

  • Configuration of the application is minimal and handled in the Azure AD portal.  Feature-rich functionality is widely known for easier recruiting of experienced IAM staff.
  • Secure cloud hosting to reduce technical debt and simplify the Identity and Access Management environment.  
  • Leverage Azure AD-based multi-factor authentication (MFA) across multiple applications.


The Cirrus SAML Bridge for multilateral federation and/or Cirrus CAS Bridge provide the following benefits:

  • The user login experience is streamlined - users see the Azure AD login screen they are accustomed to using.  No training is required!
  • No need to implement, maintain and support ShibbolethSimpleSAMLphp or CAS on premises.  Save infrastructure, development and support costs while reducing security and technical risks.
  • Maximize your federation membership investment and provide users easy access to services developed for higher education institutions and made available through your national federation.  See the most common Service Providers used by Cirrus customers.
  • The Cirrus Bridge complies with the REFEDS standards for Research and Scholarship Entity Category attribute release and REFEDS Multi-Factor Authentication profile standards for NIH.  Cirrus currently supports the InCommon Baseline v2 Expectations and will support the new REFEDS Assurance Framework v1 as finalized. 
  • Cirrus Identity staff come from IAM teams in higher education institutions and are an extension of your team during the typical 2-4 week implementation with weekly/bi-weekly meetings.  Mutual customers also receive step-by-step configuration documentation.  After implementation, the Cirrus Customer Success team is an ongoing resource to discuss IAM challenges and solutions. 


Want to Learn More?

Cirrus Identity will be happy to meet with you and share more about how the SAML Bridge and/or CAS Bridge can streamline access for your institution with Azure AD - Talk to Us!



Topics: Federated Identity Management, Microsoft Azure AD