Azure Active Directory (Azure AD) Pass-through Authentication allows your users to sign in to both on-premises and cloud-based applications using the same passwords. This feature provides your users a better experience – one less password to remember, and reduces IT helpdesk costs because your users are less likely to forget how to sign in. When users sign in using Azure AD, this feature validates users’ passwords directly against your on-premises Active Directory.

This feature is an alternative to Azure AD Password Hash Synchronization, which provides the same benefit of cloud authentication to organizations. However, security and compliance policies in certain organizations don’t permit these organizations to send users’ passwords, even in a hashed form, outside their internal boundaries. Pass-through Authentication is the right solution for such organizations.

You can combine Pass-through Authentication with the Seamless Single Sign-On feature. This way, when your users are accessing applications on their corporate machines inside your corporate network, they don’t need to type in their passwords to sign in.

Read more in the following articles