- Overview
- System Requirements
- AuthX Factor Support
- Configuration Steps on AuthX
- AuthX Admin portal – Office 365 application creation steps
- Office 365 Configuration (How to Run the Script)
- SAML as SP – Office365 (SSO with AuthX Identity)
- SAML as SP and Office 365 (Passwordless SSO with AuthX Identity)
Overview
AuthX integrates with Security Assertion Markup Language (SAML) to add two-factor authentication to Office 365. This SAML integration works for different web services
System Requirements
AuthX Authentication for server operating systems.
Server
-
Windows Server 2012
-
Windows Server 2012 R2
-
Windows Server 2016
-
Windows Server 2019
AuthX Factor Support
AuthX for SAML support these factor types for 2FA:
-
Push
-
TOTP
-
Face
-
Pin
-
Phone SMS
-
Phone Call
-
Email
-
Fingerprint
-
RFID
-
Hardware Token
Configuration Steps on AuthX
Pre-Requisite
-
Make sure to have an AuthX account, you can signup here https://admin.authx.com/signup
-
Make sure to have an Office 365 account, you can signup here https://www.office.com/
-
The email id which we are using while account creation should be an Active user (same email ID) in AuthX portal & Office 365
-
AuthX Admin portal – Office 365 application creation steps
-
Login to AuthX Admin portal.
-
Navigate to the Applications tab
-
Click Protect Application and select Protect for Office 365
-
Provide your inputs on the Application Name, Access Management Options, Domain Name, Cookies Expiry and Attribute
-
Application name – Random characters allowed
-
Access Management Options
-
SSO with AuthX Identity
-
Login using AuthX Registered Email address and password followed by the authentication factor enrolled for the user
-
-
SSO with 3rd party Identity Provider (Under Construction)
-
Login using configured 3rd party SAML identity provider
-
-
SSO with MFA for 3rd Party Identity Provider (Under Construction)
-
Login using configured 3rd party SAML identity provider followed by authentication factor enrolled for the user in AuthX
-
-
Passwordless SSO with AuthX Identity
-
Use any of the enrolled authentication factor in AuthX to access the application
-
-
-
Cookies Expiry
-
Select any options listed here
-
One time
-
On every login, user to provide the Username & Password while login
-
-
8 hours
-
Every 8 hours, user to provide the Username & Password while login
-
-
One day
-
Every 24 hours, user to provide the Username & Password while login
-
-
Max (7days)
-
7 days once, user to provide the Username & Password while login
-
-
-
-
6. Save the application
7. Again Choose Office365 application and edit it
8. Download the Script from application
Office 365 Configuration (How to Run the Script)
-
Pre-requisite – Make sure you have a authx domain active user in Authx Company
-
Open the Microsoft PowerShell and run in Administrator Mode
-
Go to Downloads Folder and open the downloaded script in Notepad
-
Copy the First line from the script opened in note pad and paste it in PowerShell and Press Enter
-
Following pop-up window appears and provide the Office 365 admin credentials here
Copy remaining script till last but one line from the notepad and paste in the PowerShell and Press Enter
-
Finally, copy the last line from the notepad and paste in the PowerShell and Press Enter
SAML as SP – Office365 (SSO with AuthX Identity)
-
Go to https://www.office.com/ and provide the user credentials
-
A new tab opens up SAML login
-
Login with the user portal credentials here
-
Use any of the Auth factors to successfully login
-
User redirected to Office 365 dashboard
SAML as SP and Office 365 (Passwordless SSO with AuthX Identity)
-
Go to https://www.office.com/ and provide the user credentials
-
A new tab opens up SAML login. Provide registered user email id.
-
Use any of the Auth factors to successfully login
-
User redirected to Office 365 dashboard