Announcing public preview of SSO and passwordless authentication for Azure Virtual Desktop

Today we’re announcing the public preview for enabling an Azure AD-based single sign-on experience and support for passwordless authentication, using Windows Hello and security devices (like FIDO2 keys). With this preview, you can now:

• Enable a single sign-on experience to Azure AD-joined and Hybrid Azure AD-joined session hosts when using the Windows and the web clients
• Use passwordless authentication to sign in to the host using Azure AD
• Use passwordless authentication inside the session when using the Windows client
• Use third-party Identity Providers (IdP) that integrate with Azure AD to sign in to the host

New Azure AD authentication RDP property in the Azure Virtual Desktop portal.

Getting started

This new functionality is currently available on Windows 10, Windows 11 and Windows Server 2022 session hosts, once you’ve installed the September Cumulative Update Preview.

• Want a quick overview of the new functionality? Watch this intro video on Azure Academy!
• To get started with single sign-on, follow the instructions to Configure single sign-on which will guide you in enabling the new authentication protocol.
• To start using Windows Hello and FIDO2 keys inside the session, follow the instructions for In-session passwordless authentication to use the new WebAuthn redirection functionality.
• Learn more about the supported authentication methods for Azure Virtual Desktop, including single sign-on on our Identities and authentication page.