See attached document for a detailed description of the Archive's Microsoft Office365 and Outlook Integration with Single Sign-On including implementation instructions.
Can we utilize SSO without the O365/Outlook integration and vice versa?
- SSO and O365/Outlook integration are two stand-alone features which - when utilized in tandem - provide the end user with a seamless login process from MS environments to the archive
- SSO without the O365/Outlook integration requires users to have a direct link to the login page of View Archive
- O365/Outlook integration without SSO requires users to have unique View Archive credentials
Can I white-label the O356 tile and the Outlook add-in?
- The O365 tile can be white-labeled by default. The Admin chooses the text and image shown in the UI during setup. As a courtesy, Sonian provides a properly sized generic magnifying glass image should you choose to use it
- The Outlook add-in can be white-labeled should your accounts be utilizing white-labeling
- The URLs needed for setup (slide 12) will inherit the account’s white-labeled URL
- The text (ribbon button only) and the image (both the ribbon button and message add-in) are embedded into the manifest (slide 21) and are intentionally generic
- Should you want to use something other than what is embedded in the manifest, simply upload the manifest into Exchange via the Upload option rather than the URL option and edit the manifest with your preferences prior to uploading
Can some of my users login directly with credentials and others via SSO?
- At this time, only one login method can be enabled per account at any given time
Can I use SSO if our organizations only uses On-Prem Exchange?
- Microsoft offers a free service called Azure AD Connect which allows you to sync your on-prem Active Directory account to a cloud-based Azure Active Directory account. Once synced, SSO as well as the self-registration option, can authenticate the users from Azure Active Directory and will work as designed. For more information from Microsoft on Azure AD Connect and instructions for implementation, please visit: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnectsync-whatis
Can third-party users access an account via Microsoft SSO with an external email address?
- Provided the external email address is also associated with a Microsoft-based account and the third-party user exists in the account with its external email address, that user will be authenticated. This is the method that should be used when a partner admin, legal counsel, or other third-party needs to access the system
Can the SSO functionality connect to services other than Microsoft?
- SSO is built on OpenID Connect and thus can be utilized with most services that accept OAuth 2.0 protocol. Currently, the integrations available out of the box are with Microsoft and Google, but we plan on adding other email providers as well as identity management systems (ie. Okta, Centrify, etc.) Please contact support if you would like to request SSO integration with a specific service or leave your feedback here.