Hi Friends,

In this section, we will see hybrid identity in Azure AD.

Hybrid basically means its a combination of on premises services with Microsoft services. In this case, on premise identity provider integrates with azure active directory.
If, I go to the settings option of my Azure Active Directory, I can see on the left panel Azure Ad Connect as highlighted below in the screenshot.

This screen contains number of options one can setup in order to enable hybrid identity.
Very first concept is synchronization. With this feature enabled, you can synchronize your already existing on-premise user ids and passwords with azure active directory. In that case, Azure active directory becomes the extension of on premise active directory.
Here, we need to download this Azure Ad Connect software and install it on our network. This is the very first step to get started with this.
Next step comes as part of User Sign-In known as Federation. This is the concept of leting another system not this system handle the user id and password. This means you trust that system and if person able to login in the other system that means that person is legit user. Federation is an alternative to the synchronization process.
Single sign-on is also very straightforward. Here, you already logged in and you don’t have to login again to access the cloud based apps. This is the seamless part of single sign-on.
Passthrough, also delegates the authentication process to on-premise server or to another authentication agent.