![]() ![]() ![]() The Office client will behave exactly as a Web Browser when authenticating, it will send the Access Token requests directly to the authentication provider instead of sending username and password to the resource, and if you are enabled for MFA, you will get the exact same behavior you get when accessing OWA or SharePoint Online goodbye pop-ups and App Passwords, hello real SSO and MFA!īy default, your Exchange and Skype for Business Online tenants are not enabled for Modern Authentication. Now, let me take this time to further break down how Modern Authentication works. The chart below shows the availability of Modern Authentication across Office apps: This enables sign-in features such as Multi-Factor Authentication (MFA), SAML-based third-party Identity Providers with Office client applications, smart card and certificate-based authentication, and it removes the need for Outlook to use the basic authentication protocol. Modern Authentication brings Active Directory Authentication Library (ADAL)-based sign-in to Office client apps across platforms. Instead, Outlook uses the Outlook Anywhere function, and unfortunately, requires the use of Basic Authentication, meaning you must enter in a username and password every time, unless you of course, cache the credentials.įor a long time, most of my clients would ask me “is Microsoft ever going to change this?”, and would state “well this defeats the purpose of utilizing ADFS for true SSO.” And I agree, but now, it seems like Microsoft’s ears were ringing, because the wish of using Outlook with Office 365 and not having to cache credentials has been granted!īut how does this work, and what limitations are there? I’ll explain in this article. To catch you up to speed, when users connect to Office365 via Outlook, they cannot utilize ADFS to do a true Single Sign On (SSO) experience. Now for those who may be curious about moving to Office 365, you are probably wondering what I’m talking about. And if your company is one of those who has migrated to Office 365, then you are probably aware of the one struggle that everyone who’s ever moved to 365 has had to deal with – saving credentials for Outlook. We’ve heard the name and you probably know someone that has migrated from their on-premises Exchange organization to it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |