I used the these directions as a guide:
CONFIGURING DESKTOP SSO
CONFIGURING DESKTOP SSO USING A REMOTE AUTHENTICATION SCRIPT IN IIS
Note: this is optional. You can use DirSync if you prefer. Consult the documentation for the advantages and disadvantages of the respective options.
Note: take notice of the pre-requisites listed in the "Before you begin" section.
Introduction to Office 365 Integration with OneLogin
Although I have edited out my personal information above , we would enter:
- Our organization's registered domain, for example: contoso.com
- An Office 365 account name (a global administrator account is recommended).
- The password of this account.
We would use the following format for the "API user name":
So, using the same fictitious example as above:
We then click on the blue "Connect" button (notice that the default status is "Not Connected" (in red).
That opens the Microsoft Azure assistant (or wizard) where we logon to Office 365...
And grant access OneLogin access to Office 365:
If all goes well, the status of the "API Connection" should change to "Connected" (in green):
Moving to the Parameters tab, we map Office 365 attributes to OneLogin attributes. Three are required and (at least in my case) were already configured by default:
Next, I will adjust settings under the SSO tab.
Note: I will not present all tabs and related information since not all are necessary for the configuration of SSO.
Then click on "Enable automatic SAML configuration" (above).
The following message displays, essentially reminding us once again that the domain, API username and API password must be correct. Click on continue:
OneLogin federates your account with Office 365:
Note: it can be defederated if necessary.
Click the "Enable" option (see above) to use OneLogin provisioning.
The other options were already checked by default.