Configure Office 365 as a Federated Domain for Single Sign-on

Steps to configure Office 365 as a Federated Domain for Single Sign-on

 

1. Connect to Office 365 Tenant

Connect-MsolService 

2. List the domains

Get-MsolDomain

3. Convert the domain to a federated domain

Set-MsolDomainAuthentication -DomainName <YOUR DOMAIN> -Authentication Federated -IssuerUri <Outlook Tenant Issuer> -FederationBrandName <Your Brand Name> -PassiveLogOnUri https://<Your Idp URL>:443/SAAS/API/1.0/POST/sso -LogOffUri https://login.microsoftonline.com/logout.srf -ActiveLogOnUri https://<Your Idp URL>/SAAS/auth/wsfed/active/logon -MetadataExchangeUri https://<Your Idp URL>/SAAS/auth/wsfed/services/mex -SigningCertificate <Your Idp Certificate>

4. Verify the federation

Get-MsolDomainFederationSettings -DomainName <YOUR DOMAIN>
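
The check in step 4 can be scripted. The following PowerShell is an added example, not part of the original post: it compares the output of Get-MsolDomainFederationSettings with the values passed in step 3 and inspects the signing certificate. The function name Test-FederationSettings, its parameters, and the idp.example.com and urn:example:issuer values are assumptions made for illustration.

```powershell
# Added example (not from the original post). Returns a list of findings; empty means OK.
function Test-FederationSettings {
    param(
        [Parameter(Mandatory)] $Settings,              # from Get-MsolDomainFederationSettings
        [Parameter(Mandatory)] [hashtable] $Expected,  # the values you passed in step 3
        [string] $ExpectedThumbprint,                  # thumbprint of your IdP signing cert
        [int] $WarnDays = 30                           # expiry warning window in days
    )
    $findings = @()
    foreach ($name in $Expected.Keys) {
        $actual = [string]$Settings.$name
        if ($actual -cne $Expected[$name]) {
            $findings += "$name is '$actual', expected '$($Expected[$name])'"
        }
    }
    # Endpoints that carry credentials or tokens must be HTTPS.
    foreach ($name in 'PassiveLogOnUri', 'ActiveLogOnUri', 'MetadataExchangeUri', 'LogOffUri') {
        $uri = [string]$Settings.$name
        if ($uri -and $uri -notlike 'https://*') { $findings += "$name is not HTTPS: $uri" }
    }
    if (-not $Settings.SigningCertificate) {
        $findings += 'SigningCertificate is empty'
    } else {
        $bytes = [Convert]::FromBase64String($Settings.SigningCertificate)
        $cert  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($bytes)
        if ($ExpectedThumbprint -and $cert.Thumbprint -ne ($ExpectedThumbprint -replace '\s')) {
            $findings += "Signing certificate thumbprint is $($cert.Thumbprint), not the expected one"
        }
        if ($cert.NotAfter -lt (Get-Date).AddDays($WarnDays)) {
            $findings += "Signing certificate expires $($cert.NotAfter.ToString('u'))"
        }
    }
    # A second certificate is trusted as well; report it so it can be confirmed as intended.
    if ($Settings.NextSigningCertificate) {
        $findings += 'NextSigningCertificate is set'
    }
    $findings
}

# Constructed sample object standing in for the cmdlet output (placeholder host names).
$sample = [pscustomobject]@{
    IssuerUri          = 'urn:example:issuer'
    PassiveLogOnUri    = 'http://idp.example.com/SAAS/API/1.0/POST/sso'
    SigningCertificate = $null
}
$expected = @{
    IssuerUri       = 'urn:example:issuer'
    PassiveLogOnUri = 'https://idp.example.com:443/SAAS/API/1.0/POST/sso'
}
Test-FederationSettings -Settings $sample -Expected $expected
# Live use: -Settings (Get-MsolDomainFederationSettings -DomainName '<YOUR DOMAIN>')
```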

Note: To convert the domain back to managed authentication, run:

Set-MsolDomainAuthentication -DomainName <YOUR DOMAIN> -Authentication Managed

 
