NHS sign with a heart around it drawn on a brick drive way.

iThink 365 implement Azure AD SSO for UKHSA’s National TB Service

The challenge

The UK Health Security Agency (formerly Public Health England) launched its National TB service which is used to monitor, track and trace and manage TB infections was launched in 2022.

One of the final hurdles was to change the identity and authentication system from Windows-based authentication to Azure AD authentication so that the service no longer relied on on-premises infrastructure that was difficult to manage and maintain.

Our partner, Aptemus, who has been working on a national healthcare system with Public Health England asked for our help to migrate the application code and implement single sign-on (SSO) with Azure Directory.

Additionally, the reporting approach was not really winning the system fans and Aptemus wanted to investigate delivering a new reporting solution with Power BI and required support to investigate the art of the possible.

The solution

The solution involved implementing Azure Active Directory whilst also enabling Windows Authentication if required via configuration. This allowed the service to be moved over to Azure Active Directory authentication with a backup of keeping the existing authentication and reducing the risk to the service.

Furthermore, this improved the experience for the various NHS external users who now could login with their existing account rather than having to have another username and password to manage. This helps improve the security of the application and reduces the burden on the applications admin team.

The Power BI reports showed that there was a benefit to moving to the new platform.

Technologies used

Microsoft Azure Active Directory
Microsoft Azure
The Power BI Logo
Power BI


The National TB service was able to be rolled out with SSO logins via the Azure AD login methods.

This gave the following benefits:

  • reduced the admin burden for the support team who did not have to manage password changes and communicate login details.
  • Less infrastructure to manage as more platform as a service was used to deliver the solution.
  • More secure login and authentication approach with Multi-Factor Authentication.
  • Buy-in from the stakeholders and users that Power BI was worth further investment.