Automatic setup of Single Sign-On(SSO)Follow
In Workspace 365 you have the possiblity to configure Single Sign-On. You can choose to configure the following methods:
- Forms (no Single Sign-On)
- Web Services Federation
- oAuth2 (recommended)
You can setup Single Sign-On during first initial registration and configuration or in the settings page of Workspace.
To setup Single Sign-On automatically, choose the "Automatic setup". Workspace 365 will create an Azure AD application with the permissions you will grant. By default, SharePoint and Exchange are checked. Additionally, you can choose to add Power BI permissions to the application.
The only thing these checks do is to simplify the setup of Workspace 365. You can always configure these options afterwards.
Make sure when you want to save the application or continue from the registration page, your Office 365/Azure AD password is filled in and that you check "I give Workspace 365 permissions to create an Azure AD application to provide Single Sign-On."
When you are done with this configuration, click "Done". After you click done, you will be redirected and signed out. After you are redirected, you will get a consent of all previously set permissions. You have to accept these permissions. When the request for a single sign-on token is sent to the Azure AD, the Workspace 365 page will ask you to wait for 1 minute.
But, if you receive an error at this stage, please check if there is only one Microsoft Office 365 account signed in, in the browser session. If you use multiple accounts, Google Chrome offers a nice option to quickly switch between user accounts. Click on the user icon (on the right of the url bar in Chrome).
There, you can add people by clicking ‘manage people’ or switch between users by clicking on the user.
You need to consent on behalf of your organization, because otherwise these permissions are only granted for Admins in your tenant.
Be aware that these permissions are only granted for administrator in this tenant. You have to grant it for all users. If you do not "Grant Permissions" you will receive the following error while trying to log in to the workspace as a user: "Need admin approval"