Azure Integration Overview

This solution enables Workspace Control to save user settings to the Azure blob storage resource and consists of the following components:

• One or more Azure tenants

  An Azure tenant represents a single organization, where all users for that organization reside.

• One or more Azure blob storage accounts

  The blob storage account hosts the Workspace Control user settings in the Azure cloud environment.

• Workspace Control Composer

  The Composer synchronizes user settings between the user's local machine and the Azure blob storage during the start and the end of Workspace Control managed sessions, or during sessions at defined cache intervals.

• Workspace Control Web Service

  The Web Service is an Azure App Service that authenticates the Workspace Control user with the Azure tenant using shared access signature (SAS) tokens.

  For more information about SAS, see the following Microsoft article:
  https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview

The following illustration provides an overview of how the different components interact:

This solution enables Workspace Control to utilize Azure AD users and groups like any other supported Directory Service and consists of the following components:

• One or more Azure tenants

  An Azure tenant represents a single organization, where all users for that organization reside.

• One or more Azure application registration(s)

  The registered application uses Microsoft Graph API to access Azure AD user and group information and delivers this information to the Workspace Control Composer.

• Workspace Control Composer

  The Composer deploys applications, printers, menu items and settings to which the end user is granted access based on their Azure AD membership.

The following illustration provides an overview of how the different components interact: