Office 365 Single Sign-On Integration

The Office 365 Single Sign-on (SSO) Integration creates a client application that uses Auth0 for authentication and provides SSO capabilities for Office 365. Your users log in to Office 365 with Auth0 identity providers, which means the identity provider performs the identity credentials verification.

Prerequisites

Before you begin:

  • Sign up for an Office 365 account.
  • Set up a connection, which is a source of users. Connections can be databases, social identity providers, or enterprise identity providers, and can be shared among different applications. You may set up more than one connection for use with SSO integrations.
  1. Navigate to Auth0 Dashboard > Applications > SSO Integrations, and click + Create SSO Integration. Create SSO Integration

  2. Select Office 365. Select Service

  3. Click Continue to grant the integration access to the listed permissions. Authorize Service

Configure Auth0 SSO Integration

Enter a name for your SSO Integration, and click Save. Save Integration

Configure integration with Office 365

To configure the integration with Office 365, follow the instructions listed in the Tutorial view.

Office 365 Azure Active Directory Integration

Before you configure Auth0 with Azure AD:

DirSync was deprecated by Microsoft on April 1, 2021. To learn how to upgrade from DirSync to Azure AD Connect, read Azure AD Connect: Upgrade from DirSync.

Setup

  1. Open the Microsoft Azure Active Directory Module for Windows PowerShell.
  2. Provide your Office 365 Service Administrator account credentials.
    $cred = Get-Credential
    
  3. Create a context that connects you to Microsoft Azure AD.
    Connect-MsolService –Credential $cred
    
  4. Change the domain authentication from standard identity to single sign-on.
    Set-MsolDomainAuthentication -DomainName "your-office365domain.com" -FederationBrandName "your-office365domain.com" -Authentication Federated -PassiveLogOnUri "REDACTED" -ActiveLogonUri "REDACTED" -MetadataExchangeUri "REDACTED" -SigningCertificate "REDACTED" -IssuerUri "REDACTED" -LogOffUri "REDACTED" -PreferredAuthenticationProtocol WsFed
    

Enable connections

Choose the connections to use with your SSO integration. Users in enabled connections will be allowed to log in to Office 365. By default, all configured connections are enabled.

  1. Select the Connections view.

  2. Toggle the sliders next to connection names to enable or disable them. Enable/Disable Connections