Assign Office 365 to Groups
Assigning usersIn Okta literature, we generally refer to "users" as the people who serve as Okta administrators. When we refer to "end users" we are generally referring to the people who the administrators serve. That is, those who use Okta chiclets to access their apps, but have no administrative control., one by one, isn’t a scalable approach. Therefore, Okta allows you to assign groupsGroups allow you to organize your end users and the apps they can access. Assigning apps to large sets of end users is made easier with groups. to applications instead. This dramatically improves your ability to manage who can access Office 365 and what accounts are created. Note that assigning the group to the Office 365 appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. in Okta does not actually create a group in Office 365. It’s just a mechanism by which to define what users in Okta can login to Office 365.
The most common type of group to use is from Active Directory. If you want all users in all AD domains to have access to Office 365, simply assign each “DomainA domain is an attribute of an Okta organization. Okta uses a fully-qualified domain name, meaning it always includes the top-level domain (.com, .eu, etc.), but does not include the protocol (https). Users” group from all connected AD domains. Note you can use any group in Okta. So if you are using Okta to manage contractor accounts, and they also require access to Office 365, you can assign a native Okta group to provision contractor accounts to Office 365.
When assigning groups to apps with provisioning enabled, you don’t have the ability to override the Username. The Username defaults to whatever is set on the single sign on page or if you are using Universal Directory, the mapping/expression will define the username.
There are two ways to assign groups to apps: through the application and the group.
Assign Office 365 to Users through the App
- Click on the Applications tab and click on the Office 365 application.
Go to Assignments tab > Groups tab.
- Start typing into the search box and a list of groups will start to appear.
- If you have provisioning of new users to Office 365 enabled, selecting one of the groups will display the option to choose what license and what role/s you want users in this group to have. Otherwise Okta will just assign the group to the application.
Assign Office 365 to Users through the Group
- Navigate to Directories > Group from the AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. dashboard.
- Scroll or search for the group you want to assign to Office 365 and choose it.
- Click on the Manage Apps button and you will see two lists, one that shows all applications not assigned to the group and the ones that are. Simply scroll to the Office 365 application (you can also search using the box between the lists) and add it.
- Once again, if provisioning of users to Office 365 is enabled on the app, you will be asked to specify what licenses and roles users should get.