Steps to configure single sign-on for Office365

  1. Log into Zoho Vault as an administrator.
  2. Navigate to Apps > Manage Apps > Add Supported App.
  3. Search for and select Office365. 
  4. Click Next.
  5. Copy the Zoho Vault details from the screen or download the details as a metadata file by clicking the Download MetaData File option.
  6. Click Next.
  7. Select users to have single sign-on permissions for Office365. You can revoke user access at any time.
  8. Click Save. 

Office365 configuration steps

  • Open PowerShell with Admin rights.
  • Enter the below command:

$cred = Get-Credential 

  • In the pop-up that appears, enter the username and password of your Office365 administrator account. 
  • Connect to MsolService using the following command: 

Connect-MsolService -Credential $cred 
Get-MsolDomain

  • Enter the domain for which you would like to enable SSO:

$dom = "mycompany.com"

  • Set the $url and $uri variables to the Login URL, and the $logouturl variable to the Logout URL, that you copied from the Zoho Vault IdP details page.
  • Paste the certificate value copied from Zoho Vault's IdP details page into the below command:

$cert = "MIICqjCCAhOgAwIBAgIJAN..........dTOjFfqqA="

  • Run the below command to enable SSO in Office 365:

Set-MsolDomainAuthentication -DomainName $dom -FederationBrandName $dom -Authentication Federated -PassiveLogOnUri $url -SigningCertificate $cert -IssuerUri $uri -LogOffUri $logouturl -PreferredAuthenticationProtocol SAMLP

  • If you are already using SSO for Office 365 from another identity provider, you can disable SSO in Office 365 and then re-enable it for Zoho Vault. To disable SSO in Office 365, use the command below:

$dom = "mycompany.com" 
Set-MsolDomainAuthentication -DomainName $dom -FederationBrandName $dom -Authentication Managed
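
A check to run around the Set-MsolDomainAuthentication step above, given here as an added example that is not part of the original Zoho Vault instructions. It validates the pasted certificate and URLs before the domain is federated, then reads back what Office 365 stored. The function names and the 30-day expiry threshold are assumptions; it expects $dom, $url, $uri, $logouturl and $cert to be set as described and the Connect-MsolService session to be open.

```powershell
# Added example (not from the Zoho Vault page). Function names are hypothetical.
function Test-IdpInput {
    param([string]$Cert, [string[]]$Endpoints)
    # Strip PEM armour and whitespace; a bad paste fails here instead of at sign-in.
    $raw = $Cert -replace '-----(BEGIN|END) CERTIFICATE-----', '' -replace '\s', ''
    try {
        $bytes = [Convert]::FromBase64String($raw)
        $x509  = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$bytes)
    } catch {
        throw "Certificate is not Base64-encoded X.509: $($_.Exception.Message)"
    }
    $now = Get-Date
    if ($now -lt $x509.NotBefore -or $now -gt $x509.NotAfter) {
        throw "Certificate is outside its validity period ($($x509.NotBefore) to $($x509.NotAfter))."
    }
    if ($x509.NotAfter -lt $now.AddDays(30)) {   # 30 days: arbitrary threshold
        Write-Warning "Certificate expires $($x509.NotAfter); plan the rollover."
    }
    foreach ($e in $Endpoints) {
        if (([uri]$e).Scheme -ne 'https') { throw "Endpoint is not HTTPS: $e" }
    }
    $x509   # returned so the thumbprint can be compared with the IdP details page
}

function Test-FederationApplied {
    param([string]$Domain, $Expected, [string]$Url, [string]$Uri, [string]$LogoutUrl)
    $fed  = Get-MsolDomainFederationSettings -DomainName $Domain
    $ok   = $true
    $want = @{ PassiveLogOnUri = $Url; IssuerUri = $Uri; LogOffUri = $LogoutUrl }
    foreach ($name in $want.Keys) {
        if ($fed.$name -ne $want[$name]) {
            Write-Warning "$name mismatch, stored value: $($fed.$name)"; $ok = $false
        }
    }
    # Compare certificates by thumbprint so formatting differences do not matter.
    $storedBytes = [Convert]::FromBase64String($fed.SigningCertificate)
    $stored = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$storedBytes)
    if ($stored.Thumbprint -ne $Expected.Thumbprint) {
        Write-Warning "Stored signing certificate is $($stored.Thumbprint)"; $ok = $false
    }
    if ((Get-MsolDomain -DomainName $Domain).Authentication -ne 'Federated') {
        Write-Warning "Domain is not in Federated mode"; $ok = $false
    }
    $ok
}

# Before Set-MsolDomainAuthentication:
$idpCert = Test-IdpInput -Cert $cert -Endpoints $url, $logouturl
$idpCert | Format-List Subject, Thumbprint, NotAfter
# After Set-MsolDomainAuthentication:
Test-FederationApplied -Domain $dom -Expected $idpCert -Url $url -Uri $uri -LogoutUrl $logouturl
```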