Azure AD (native) vs. Azure AD (with MyWorkspace): What's the Difference? Which Should You Choose?
Overview
This article gives an overview of two ways to connect your Digital Workspace Platform (DWP) based application with Azure Active Directory (Azure AD/AAD) and helps you choose the one that best fits your needs.
Azure AD (native) vs. Azure AD (with MyWorkspace): What Are They, Exactly?
Azure AD (Native), like Azure AD (with MyWorkspace), comes with the DWP license, so both are present in the Enterprise Service Management (ESM) and Secure Unified Endpoint Management (SUEM) products by default.
However, the set of features available in each of them is different, and one should be selected depending on your needs.
For instance, if importing Users/Groups from Azure AD and/or Authentication with Azure AD is required, Matrix42 recommends using Azure AD (Native).
Azure AD (Native) or Azure AD (with MyWorkspace): What's the Technical Difference?
The following table shows which features are present in each option, as well as what is planned for future development.
Feature | Azure AD (Native) | Azure AD (with MyWorkspace) |
Import Users to DWP | yes | no |
Import Groups to DWP | yes | no |
Filters for Users and Groups import | yes | no |
Import User Groups membership | yes | no |
Authentication from single-tenant | yes | yes |
Authentication from multiple tenants | yes | yes |
Import of Custom Attributes | yes (10.0.1.3050 or higher) | no |
SAML2 support | yes | yes |
OAuth2 support | no | yes |
Single sign-on support | yes | yes |
Active Directory Federation Services | yes | yes |
Dynamic Account creation | no | yes |
Delayed Activation | no | yes |
Conditional Access | no | yes |
Users synchronization to AAD | planned | no |
Groups synchronization to AAD | planned | no |
User membership synchronization to AAD | planned | no |
Included in DWP license | yes | yes |
AD (native) vs. AD (with MyWorkspace): What Does Matrix42 Recommend?
When On-Premises Active Directory is in use for an On-Premises ESM solution, the AD (Native) Data Provider is recommended.
However, when ESM is used as a SaaS offering, the MyWorkspace AD connector is the recommended option for Authentication with On-Premises AD.