Does O365 MicrosoftOnlineServices MFG (OrgId) accept a hand-crafted SAML1.0/2.0 token that looks exactly like ADFS2.0 tokens?
Basically I want to write an adapter (generated using WIF SDK) to our existing non-AD directory service; expose it as a passive endpoint to browser clients for identity federation.
Our plan is to perform the below using the O365 local PowerShell API…
Below is what happens in a typical user scenario:
Before moving on, I would like to confirm if you want to use a hand-crafted SAML1.0/2.0 token for Single Sign-On.
If this is the case, based on my research, currently Office 365 doesn't support other federations except for ADFS 2.0.
You may refer to the link below for Single sign-on: Roadmap:
However, you can deploy two-factor authentication with ADFS for a strong authentication.
Thanks for your understanding.
For more information about how to use SMTP matching to match on-premises user accounts to Office 365 user accounts for Directory Synchronization, please have a look at the KB below:
Thanks so much for your reply; I expected a first reply something along the above lines.
If you analyze & understand how things work in the O365 -> MFG -> ADFS2.0 passive authN flow, a SAML token was posted back from the on-premise ADFS2.0 instance to MFG after user authentication. After all, the ADFS2.0 passive endpoint is an ASP.NET application.
Also, I heard O365 will support Shibboleth going forward. Therefore I expect a little more technical reason (if there is any) why I cannot write an adapter to non-AD directory services and expose it as a passive endpoint.
Support for AD FS is limited to break/fix issues related to its implementation with Office 365 as documented. Any and all other development and/or future design and non-standard implementations are outside of our scope and we are unable to provide any future information or guidance in any way.
Others here in the community may be working on similar issues and I hope they will "chime in" if they can add anything to the discussion.
Mickey Levine
Office 365 Forum Support