Automatic setup of Single Sign-On(SSO)Follow
In Workspace 365 you have the possiblity to configure Single Sign-On. You can choose to configure the following methods:
- Forms (no Single Sign-On)
- Web Services Federation
- oAuth2 (recommended)
You can setup Single Sign-On during first initial registration and configuration or in the settings page of Workspace.
To setup Single Sign-On automatically, choose the "Automatic setup". Workspace 365 will create an Azure AD application with the permissions you will grant. By default SharePoint and Exchange are checked. Additional you can choose to add Power BI permissions to the application.
Make sure when you want to save the application, your Office 365/Azure AD password is filled in and that you check "I give Workspace 365 permissions to create an Azure AD application to provide Single Sign-On."
When you are done with this configuration, click "Done". After you click done, you will be redirected and signed out. After you are redirected, you will get a concent of all previous set permissions. You have to accept these permissions.
You need to consent on behalf of your organization, because otherwise these permissions are only granted for Admins in your tenant.
Be aware that these permissions are only granted for administrator in this tenant. You have to grant it for all users. If you do not "Grant Permissions" you will receive the following error while trying to log in to the workspace: "Need admin approval"