I am looking for some feedback from anyone who is using Microsoft Azure to authenticate it's Canvas users. We currently utilize on premise authentication using Active Directory. We are looking to move our authentication to the cloud and I am curious what user experiences are using Azure. I see that the configuration looks to be fairly straight forward. But what about the end user experience and reliability?
We have been using AzureAD for a few months with no reliability issues.
We just recently added a SharePoint redirect as the Discovery page because Canvas isn't very particular about which Microsoft account the user might be attempting to use, and if it was the wrong account it was confusing.
Meaning, if I am signing into Microsoft with my personal MS account, Canvas would attempt to authenticate me using that account, couldn't find me, and would send me to the /login/canvas page. As an SSO user, I don't have a "Canvas" username/password and would be stuck.
By using a discovery page in SharePoint, when I go to Canvas it would send me first to SharePoint. If logged in to the correct MS account, I would redirect back to Canvas seamlessly. If not logged into the correct account, SharePoint will tell me which account I am using and give me a link to change to the correct account before returning.