Showing results for 
Search instead for 
Do you mean 
Reply
Agency Analyst
Posts: 66
Registered: ‎04-06-2011

Office 365 App login via ADFS - why not?

OK I know it's not supported, but can anyone explain why? This is the first question I'm asked after informing a customer (usually large, for us) that they cannot use the app because they're using Active Directory Federated Services (ADFS).

 

There are several reasons for ADFS authentication to fail, but the most popular cause I've seen is using a non-SNI capable client. Is that the reason? Are they failing to login because they are seeing connection resets and multiple certificates?

Dave
Xerox Employee
Posts: 152
Registered: ‎05-10-2013

Re: Office 365 App login via ADFS - why not?

Hello, Dave. 

 

 

Support for this configuration would require a custom implementation for each customer supporting ADFS authentication.  
 
In general, if a customer has a specific system for authorization (ie; ADFS) it would require us to create a specific app to register on their system and a new connector for that app.  This app and connector would be only usable by this one customer.  
 
Please let us know if there are additional questions. 
Thanks!
New Member
Posts: 2
Registered: ‎10-23-2016

Re: Office 365 App login via ADFS - why not?

I know this is > a month old but becomming a more popular subject, so figured I would follow-up...

 

For users of O365 with ADFS or using any other SAML-based identity provider for O365, it seems the Xerox App can not handle authentication...

 

HOWEVER, as a workaround, I've found you can have an O365 tenant administrator create an account directly in O365 specifically for the Xerox device(s) to use.

 

Login creds would be: AccountName@TenantName.onmicrosoft.com

 

Seems to be a workaround without having to leverage ADFS or other federated identity providers.  Not ideal, but seems to work if you use the entire onmicrosoft domain in the userID path.

 

Highlighted
Xerox Employee
Posts: 152
Registered: ‎05-10-2013

Re: Office 365 App login via ADFS - why not?

Hello. 

 

Thank you for the post.

 

Yes, that would seem to work for ADFS customers as a workaround to connect to O365 via the App.  

 

The App. also supports custom O365 domain accounts.  So, if a client happens to be using that configuration, their login creds would be similar to:   domain\useraccount@customerdomain.com

Note: the domain and customerdomain do not necessarily match.  It depends on how the account was set up. 

 

Thank you for sharing this information!