Azure Portal – SSO Federation

Some notes on: how do you federate to the Azure Portal when there is no O365?

  1. Create an Azure AD Global Admin Service Account in the Azure Portal

  2. Make sure you have disabled security defaults:
    Microsoft 365: Disable Security Defaults

  3. Make sure you have added a domain to Azure AD.

  4. In Okta, use the Office 365 app to federate with the Azure Portal. Use the previously added domain and the newly created Service Account for “Office 365 Admin Username”, and configure username and provisioning (LCM) accordingly.

  5. Assign users to the newly created app.

  6. If you want to have a link to the Azure Portal on the Okta Dashboard, create a bookmark app and adapt the following link (just replace azuread.thomasheinz.eu with your domain – that’s it)
    (You can also hide the Office 365 app that you created in step 4 from the users.)

    https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=c44b4083-3bb0-49c1-b47d-974e53cbdf3c&domain_hint=azuread.thomasheinz.eu&redirect_uri=https%3A%2F%2Fportal.azure.com%2Fsignin%2Findex%2F
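
As an added example (not part of the original post), this Python sketch builds the step 6 bookmark link for a given domain and checks an existing link against the values shown above, so a mistyped or altered redirect_uri, client_id or domain_hint is caught before the bookmark app is published. The function names are hypothetical; the endpoint, client_id and redirect_uri are copied from the link on this page.

```python
import re
from urllib.parse import urlencode, urlsplit, parse_qs

# Values copied from the bookmark link on this page.
AUTHORIZE_ENDPOINT = "https://login.microsoftonline.com/common/oauth2/authorize"
PORTAL_CLIENT_ID = "c44b4083-3bb0-49c1-b47d-974e53cbdf3c"
PORTAL_REDIRECT_URI = "https://portal.azure.com/signin/index/"

# Conservative DNS-name syntax check: rejects paths, ports, '&', '=' and spaces.
_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$"
)


def _expected_params(domain):
    """Query parameters the bookmark must carry, each exactly once."""
    return {
        "response_type": "id_token",
        "client_id": PORTAL_CLIENT_ID,
        "domain_hint": domain,
        "redirect_uri": PORTAL_REDIRECT_URI,
    }


def build_portal_bookmark(domain):
    """Return the bookmark URL with domain_hint set to the federated domain."""
    domain = domain.strip().lower()
    if not _DOMAIN_RE.match(domain):
        raise ValueError(f"not a plain DNS domain: {domain!r}")
    # urlencode percent-encodes redirect_uri the same way the page's link does.
    return f"{AUTHORIZE_ENDPOINT}?{urlencode(_expected_params(domain))}"


def check_portal_bookmark(url, expected_domain):
    """Return a list of problems in an existing bookmark URL (empty list = OK)."""
    problems = []
    parts = urlsplit(url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != AUTHORIZE_ENDPOINT:
        problems.append("unexpected authorize endpoint")
    params = parse_qs(parts.query)
    for key, want in _expected_params(expected_domain.strip().lower()).items():
        got = params.get(key, [])
        if got != [want]:  # missing, duplicated or altered parameter
            problems.append(f"{key}: expected {want!r}, got {got!r}")
    return problems
```
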
