Azure SQL Database V12 now supports (in public preview) Azure AD authentication,
a mechanism for connecting to SQL Database by using identities in Azure AD for managed
and federated domains.
With Azure AD authentication, you can manage the identities of database users and
other Microsoft services in one central location. Central ID management provides a single place
to manage SQL Database users and simplifies permission management.
This feature provides an alternative to SQL Server authentication
and helps stop the proliferation of user identities across database servers owned
by an organization. Furthermore, the same Azure AD identity that can connect to
Azure SQL DB can also be used to authenticate to a growing number of Microsoft
cloud services. Azure AD authentication enables a “single sign-on” experience for
customers who have federated their on-premises Active Directory Federation
Services (ADFS) with Azure AD in the cloud. Once logged on to a domain-joined
machine, users connect to their Azure SQL DB databases without being prompted
for credentials. By allowing users to represent Azure AD groups as database users,
Azure AD authentication enables customers to manage permissions by moving
the principals into and out of Azure AD groups.
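The group-based permission model described above, as an added T-SQL example (not from the original post or its attached zip file). The group name `SalesReaders` is a constructed placeholder, and the statements assume you are connected to the user database with an Azure AD identity that is allowed to create users.

```sql
-- [SalesReaders] is a constructed placeholder for an existing Azure AD group.

-- 1. Represent the Azure AD group as a contained database user.
--    No password is stored in the database; the identity lives in Azure AD.
CREATE USER [SalesReaders] FROM EXTERNAL PROVIDER;

-- 2. Grant permissions to the group once. Access is then controlled by
--    adding or removing members of the group in Azure AD, not in the database.
ALTER ROLE db_datareader ADD MEMBER [SalesReaders];

-- 3. Inventory database principals by authentication source, to see which
--    SQL Server authentication users remain next to Azure AD principals.
--    type: S = SQL user, E = Azure AD user, X = Azure AD group.
SELECT dp.name,
       dp.type_desc,                 -- SQL_USER, EXTERNAL_USER, EXTERNAL_GROUP
       dp.authentication_type_desc,  -- DATABASE / INSTANCE / EXTERNAL / NONE
       dp.create_date
FROM sys.database_principals AS dp
WHERE dp.type IN ('S', 'E', 'X')
  AND dp.name NOT IN ('dbo', 'guest', 'INFORMATION_SCHEMA', 'sys')
ORDER BY dp.authentication_type_desc, dp.name;

-- 4. Show which database roles each Azure AD principal holds, so that
--    group-level grants can be reviewed in one place.
SELECT member.name AS principal_name,
       member.type_desc,
       role.name   AS role_name
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS role
     ON role.principal_id = drm.role_principal_id
JOIN sys.database_principals AS member
     ON member.principal_id = drm.member_principal_id
WHERE member.type IN ('E', 'X')
ORDER BY member.name, role.name;
```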
For more information on Azure AD authentication, see
"Connecting to SQL Database By Using Azure Active Directory Authentication".
In addition to the main document indicated above, attached is the zip file with details on the
PowerShell and programming interface (with a readme file) for Azure AD authentication.
Mirek Sztajno, Senior Program Manager Azure SQL DB – Security Team