I am not expert on Azure but would appreciate if anyone could shed light if it possible to implement single sign-on on Dynamics AX on Azure. We would like to deploy Dynamics AX on Azure (in the cloud). The intention is to use accounts which are on our private AD to be authenticated by Dynamics AX on Azure. Reading resources on the internet has not really helped. We are just wondering if it is possible to run AD FS as an IdP on our domain to support SAML-based STS (Security Token Service), deploy ACS on Azure AD (AAD), and then hook Dynamics to Azure ADD. Azure ACS would be used to send authentication requests to our internal IdP.
Synchronizing our private AD and the AD on the cloud has been considered. However this is not preferred option.