Allow direct connections to Bastion without going through Azure Portal or AAD
When I first saw Bastion, I thought it was a SaaS/PaaS native equivalent of Apache Guacamole, but I was disappointed to see the constraints of requiring the Azure portal to access and authenticate. I would like a service that allows direct browser access to the bastion service, but allows me to use standard web authentication mechanisms so I can use SAML/PIV/multifactor mechanisms that don't require client account creation in Azure AD. Unless that is available with Bastion, we won't be using this service and will look into customizing Guacamole offerings in the marketplace.
Vincent Smit commented
Agreed, this would be a welcome addition! Even more so if B2B guest accounts were supported in this model.
Paolo Lazzari commented
You can image a workflow where I launch an ARM template where I deploy both a virtual machine and a bastion host. At the end of the template deployment, I would like to be able to fetch the Bastion link and simply put it in the browser, perhaps share it with others too.
The requirement of going through the Portal is severely limiting.