I have been tinkering with the Azure AD API and it has been fairly simple to use via the MS documentation. The API calls are around user management, add/update/remove, in addition to granting users access to our PowerBI footprint by adding this into a specific Azure AD Group. I noticed there is also an API for Identity Providers and I am wondering what that is capable of.
Specifically, is it possible to configure Azure AD to use an external Idp for user authentication? For example, if I wanted to support an SSO scenario where a user is already logged into an external web application but then wants to SSO into the PowerBI Dashboard to manage reports. The thought is that when the user navigates to the Power BI Dashboard, Power BI would hit Azure AD and Azure AD (maybe via a configured Identity Provider??) would redirect the authentication to the external <g class="gr_ gr_883 gr-alert gr_spell gr_inline_cards gr_disable_anim_appear ContextualSpelling ins-del multiReplace" data-gr-id="883" id="883">IdP</g> to authenticate the user. If the user was not already authenticated, then they would be redirected to the login page managed by the IdP.
I apologize if I am not explaining this enough for anyone to provide an answer so if there are other questions that can help reduce confusion please let me know. This is a bit of a new area for me so I have been trying to figure out as much as <g class="gr_ gr_1265 gr-alert gr_tiny gr_spell gr_inline_cards gr_disable_anim_appear ContextualSpelling multiReplace" data-gr-id="1265" id="1265">i</g> can prior to posting this question.
Kind regards.