000038049 - Federating multiple Microsoft Office 365 domains with the RSA SecurID Access Cloud Authentication Service Application Portal

Document created by RSA Customer Support Employee on Nov 26, 2019Last modified by RSA Customer Support Employee on Jan 3, 2020
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000038049
Applies ToRSA Product Set: SecurID Access
RSA Product/Service Type: Cloud Authentication Service
IssueOffice 365 is to be configured with the Cloud Authentication Service' Application Portal (SSO Agent) federating multiple O365 domains.

For each domain that is used with Office 365, a unique IssuerURI is required to be able to set up the federation.
ResolutionThe SAML integration between Office 365 and the Application Portal (SSO Agent) provides the ability to support multiple domains:
  • Add a distinct "Microsoft Office 365" application for each domain from: Cloud Administration Console > Applications > Application Catalog using the SAML integration method.  Each instance of the configured Microsoft Office 365 application provided a unique IssueURI that can be used when running the PowerShell commands that set up the federation between each domain and the Application Portal.
  • For each domain to be federated, follow the steps given by the "SSO Agent - SAML" section in the Microsoft Office 365 - RSA SecurID Access Implementation Guide to set up the integration between Office 365 and the Application Portal. Note: perform both Configure RSA Cloud Authentication Service and Configure Microsoft Office 365 steps.
Please review the implementation guide for additional information regarding this integration.
 
NotesThis solution does not apply if using WS-Federation integration between O365 and the RSA SecurID Access Cloud Authentication Service.

Attachments

    Outcomes