| title | onPremisesPublishingSingleSignOn resource type |
|---|---|
| description | Represents the single-sign on settings for an on-premises application published via Application Proxy. |
| ms.localizationpriority | medium |
| author | dhruvinrshah |
| ms.subservice | entra-applications |
| doc_type | resourcePageType |
| ms.date | 07/26/2024 |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
Represents the single sign-on settings for the onPremisesPublishing resource when publishing an on-premises application with Microsoft Entra application proxy. This resource is used for setting Integrated Windows Authentication and header-based authentication as the single-sign on mode. For more information, see Kerberos Constrained Delegation for single-sign on to your apps with Application Proxy.
Note
Do not use this property for configuring SAML or password-based single-sign on. If you are configuring SAML single-sign-on this must be set on the servicePrincipal. If you are configuring password-based single-sign this must be set using createPasswordSingleSignOnCredentials.
| Property | Type | Description |
|---|---|---|
| kerberosSignOnSettings | kerberosSignOnSettings | The Kerberos Constrained Delegation settings for applications that use Integrated Window Authentication. |
| singleSignOnMode | singleSignOnMode | The preferred single-sign on mode for the application. The possible values are: none, onPremisesKerberos, aadHeaderBased,pingHeaderBased, oAuthToken. |
None.
The following JSON representation shows the resource type.
{
"kerberosSignOnSettings": {"@odata.type": "microsoft.graph.kerberosSignOnSettings"},
"singleSignOnMode": "String"
}