From version 3.45 we have made a change to the Autotask configuration. To prevent issues, please check out our latest announcements for more information.
Hi ,
Welcome to the Support Portal. How can we help?
Follow

Introduction to Single Sign-On (SSO)

Table of Contents

 

Introduction

Once the Workspace has been created (either via API or using the Powershell script), Workspace 365/Office 365 administrators can enable Single Sign-On (SSO) for their Workspace 365 environment, which helps decreasing login procedures for Workspace users.

There are two SSO methods available:

  • oAuth2 (recommended)
  • Web Services Federation (only supported for on-premises versions of Workspace 365)

SSO can be set up in two ways:

  • Automatic (recommended)
  • Manual

When choosing the automatic setup of SSO, you automatically create a SSO App Registration for your Workspace environment in Azure, along with the corresponding API permissions for applications such as SharePoint and Exchange. If needed, you can always adjust these API permissions manually once SSO has been enabled. 

 

oAuth2

OAuth2 is an open standard for authorization, commonly used as a way for internet users to log in to third-party websites using their e.g. Microsoft, Google or Facebook accounts without exposing their password. Generally, oAuth2 provides to clients "secure delegated access" to server resources on behalf of a resource owner.

For a detailed description about this protocol, click here.

With configuration of oAuth2 in Workspace 365, you can sign in to Workspace via your current federation and you are able to use MFA, also called 2 Factor Authentication (2FA) or Multi-factor Authentication (MFA). 

 

SSO_2.png

You can setup Single Sign-On in Workspace 365 manually or automatically. The automatic setup is recommended.

Click here to find out how you set up oAuth2 using automatic configuration.

 

Web Services Federation

With Web Services Federation (WS-Federation or WS-Fed), you can set up a Federation with an ADFS and/or Azure. In this way the user does not directly sign in to Workspace 365 but via the federation application/server. In most cases this is Azure. This federation is based on the Web Services Federation protocol.

For a detailed description about this protocol, click here.

Back to top