An Am Law 200 law firm client was providing their employees and network users with access to more than one hundred SaaS applications. While some of these applications had been previously configured for Security Assertion Markup Language (SAML) authentication to their identity provider, Active Directory Federation Services (ADFS), others were using local account management. As part of their cloud-first initiative, our client wanted to move away from managing their on-premises ADFS environment. They aimed to leverage Azure AD as the new Identity Provider, which was already synchronized with Azure AD Connect. Additionally, our client hoped to leverage security features like Conditional Access in Azure AD.