Reviewing Azure Stack Hub identity fundamentals
We have already touched on one of the Azure Stack Hub identity fundamentals in Chapter 1, What Is Azure Stack Hub?, and Chapter 2, Azure Stack Architecture: your choice of identity provider. There are two options to select from for the identity resource provider: AAD or ADFS. This choice must be made prior to deployment, and you cannot change the identity provider post-deployment without a complete redeployment of the Azure Stack Hub solution.
This decision is vitally important because the identity provider you choose might limit your options, particularly around support for multi-tenancy.
Let's take a look at the differences for each provider:
As discussed earlier in this chapter, the OpenID Connect protocol is used as part of the authorization flow and also the resource owner flow. We utilize the JSON Web Token for use of the Azure portal...