Integrate Office 365 in Okta

Get started by deploying Office 365 in your Okta orgThe Okta container that represents a real-world organization.. Then enhance the capabilities of the integration by using other topics on this page.

Deploy Office 365 in your Okta org

Microsoft Office 365 deployment guide

Use this guide if you are just getting started.


Jump to a specific part of the deployment guide from the following list:

  1. Add Office 365 to Okta
  2. Provision users to Office 365
  3. Configure Single Sign on for Office 365
  4. Assign Office 365 to users and groups
  5. Secure Office 365 using app sign-on policies

Advanced integration topics

Office 365 Client Access Policies

Harden the security for Office 365 by adding extra sign-on policies.


Enhanced provisioning and deprovisioning for Office 365

Configure enhanced provisioning and deprovisioning options or map custom attributes in the user profile.


Provide Microsoft admin consent for Okta

For Office 365 apps such as Yammer or Dynamics CRM, Okta needs your consent to authenticate and authorize the end usersEnd users are people in your org without administrative control. They can authenticate into apps from the icons on their My Applications home page, but they are provisioned, deprovisioned, assigned, and managed by admins. on your behalf.


Skip importing groups during Office 365 user provisioning

Import groups later while federating Office 365. Focus on provisioning first and group assignments later.


Enable Microsoft Office 365 apps

Add new Office 365 apps to the end user dashboard.


Using Group Push

Push groups from non-AD directory services and third party apps to Office 365.


Move Microsoft Office 365 from SWA to WS-Federation

Change Office 365 single sign on method from SWA to WS-federation.


Configuring the Okta Template WS Federation Application

Create custom WS-Federation-enabled applications.


Office 365 Silent Activation: New Implementations

Enable silent activation for shared workstation or VDI environments.


Use Okta MFA to satisfy Azure AD MFA requirements for Office 365

Let Okta handle the MFA requirements for Azure AD MFA.

Early Access features

Early access (EA) features are opt-in features available either upon request to Okta Support or in the Feature Manager. See Manage Early Access and Beta features to learn how to enable these features. The following list contains EA features related to Office 365.


Enforce Okta Device Trust for Exchange ActiveSync on OMM-managed iOS devices

Configure the iOS mail app to prevent users with unmanaged devices from accessing Microsoft Office 365 Exchange ActiveSync.


Supported user profile attributes for Office 365 provisioning

Provisioning options for Office 365

Deprovisioning options for Office 365

Office 365 - Frequently asked questions