I have set up Office 365 for single sign-on in a dev environment and it is working. Now, I need to do some testing and have to disable SSO in this environment before turning it back on. I disabled the application but I am still being brought to the SSO landing page. Are additional steps necessary to disable the application other than checking the box in the application properties?
If you don't want the O365 icon in the portal, on the RSA side, you would need to delete the application configuration.
On the O365 side I believe you un-federate with powershell command:
"Set-MsolDomainAuthentication -DomainName <domain> -Authentication Managed"
If users are going directly to O365 (SP-initiated) then just un-federating would be enough to prevent O365 from reaching out to the RSA IdP for authentication.
Hope that helps,
Ted