Forum Discussion

Zohaib_Yousuf
Copper Contributor
Mar 22, 2024

How to integrate on-prem ADFS with Microsoft Entra App proxy for SSO? Can anyone please suggest?

I am trying to configure Microsoft Entra App proxy with on-prem ADFS. Currently we are using an on-prem application site with on-prem ADFS. Now I want to publish the site via Microsoft Entra App proxy with on-prem ADFS. Can anyone please suggest?

  • See whether this can help:

    Step 1: Configure Microsoft Entra Application Proxy

    Enable Application Proxy:

      1. Sign in to the Microsoft Entra admin center.
      2. Navigate to Identity > Applications > Enterprise applications > Application proxy.
      3. Enable the Application Proxy service and install the Application Proxy connector on a server that has access to your on-premises applications.

    Publish the On-Premises Application:

      1. In the Microsoft Entra admin center, go to Enterprise applications > New application.
      2. Select On-premises application and follow the wizard to publish your on-premises application.
      3. Configure the external URL and internal URL for your application.

    Step 2: Configure ADFS for SSO

    Create a Relying Party Trust:

      1. Open the ADFS Management console on your ADFS server.
      2. Navigate to Relying Party Trusts and add a new relying party trust.
      3. Use the metadata URL provided by Microsoft Entra Application Proxy to configure the trust.

    Configure Claim Rules:

      1. In the ADFS Management console, select the relying party trust you just created.
      2. Add claim rules to pass the necessary attributes to Microsoft Entra ID. For example, you might need to pass the UPN or email address.

    Step 3: Configure SSO in Microsoft Entra ID

    Set Up Single Sign-On:

      1. In the Microsoft Entra admin center, go to Enterprise applications and select the application you published.
      2. Navigate to Single sign-on and choose the appropriate SSO method (e.g., SAML, Integrated Windows Authentication).
      3. Follow the wizard to configure SSO, using the information from your ADFS setup.

    Test the Configuration:

      1. Ensure that users can access the application through the external URL and that SSO works as expected.
      2. Verify that the claims are being passed correctly and that users are authenticated via ADFS.
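Step 2 of the reply above (relying party trust plus a claim rule that passes the UPN and email address) can also be scripted and read back for review. The following is an added example, not part of the original reply; the trust name and metadata URL are placeholders to be replaced with the values from your own environment.

```powershell
# Added example: run in an elevated PowerShell session on the primary AD FS server.
Import-Module ADFS

# Assumptions (placeholders, not values from the thread):
$TrustName   = 'Published on-prem app'                  # hypothetical display name
$MetadataUrl = 'https://<metadata-url-for-your-setup>'  # placeholder, replace before running

# Claim rule: look the signed-in account up in Active Directory and issue
# only the UPN and email address claims mentioned in the reply.
$Rules = @'
@RuleName = "Send UPN and email from Active Directory"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory",
          types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn",
                   "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"),
          query = ";userPrincipalName,mail;{0}", param = c.Value);
'@

# Create the trust if it does not exist yet; otherwise only update its rules,
# so the script can be re-run without producing a duplicate trust.
if (-not (Get-AdfsRelyingPartyTrust -Name $TrustName)) {
    Add-AdfsRelyingPartyTrust -Name $TrustName -MetadataUrl $MetadataUrl `
        -IssuanceTransformRules $Rules
} else {
    Set-AdfsRelyingPartyTrust -TargetName $TrustName -IssuanceTransformRules $Rules
}

# Read the trust back and check what was actually stored.
$trust = Get-AdfsRelyingPartyTrust -Name $TrustName
$trust | Format-List Name, Identifier, Enabled, IssuanceTransformRules

foreach ($claim in 'claims/upn', 'claims/emailaddress') {
    if ($trust.IssuanceTransformRules -notmatch [regex]::Escape($claim)) {
        Write-Warning "Trust '$TrustName' does not issue a '$claim' claim."
    }
}

# Note: this sets issuance transform rules only. Who is permitted to receive a
# token (authorization rules or an access control policy) is configured
# separately and should be reviewed before the trust is used.
```

Issuing only the attributes the application needs keeps the token minimal; the read-back at the end gives a record of the stored rules for change review.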
