What is Azure AD Application Proxy?

Azure AD Application Proxy is an Azure AD Premium cloud service which allows you to easily publish your on-premises (web) applications to users who work outside the corporate network. To complete this without Azure AD Application Proxy requires an on-premise firewall configuration with a perimeter network or a complicated VPN implementation.

Azure AD Application Proxy requires that you deploy a small connector on your on-premise applications. The connector auto connects to a cloud service. Multiple connectors can be deployed for redundancy and scale.

The Azure AD Application Proxy cloud service utilizes Azure AD for central management of your on-premise apps enabling you to publish the application in Azure. Your users can then access the application by using an external url like https://yourapp.yourdomain.xyz

The on-premise connector(s) make outgoing connections to the Azure AD Application Proxy service; there are no incoming connections to the corporate network. All HTTP and HTTPS traffic is terminated in the cloud, blocking most HTTP level attacks and you can choose to pre-authenticate users in Azure AD helping to secure access to the application.