Integrate Office 365

Get started by deploying Office 365 in your Okta orgThe Okta container that represents a real-world organization.. Then enhance the capabilities of the integration by using other topics on this page.

Deploy Office 365

If you are just getting started, use Microsoft Office 365 Deployment Guide for step-by-step instructions. You can also quickly jump to a particular section of the guide from the following list:

  1. Add Office 365 to Okta
  2. Provision users to Office 365
  3. Configure Single Sign on for Office 365
  4. Assign Office 365 to users and groups
  5. Secure Office 365 using app sign-on policies


Advanced integration topics

Once you have Office 365 set up and running in your Okta org, you can use the following topics to enhance the integration.


Office 365 Client Access Policies

Harden the security for Office 365 by adding extra sign-on policies.


Provide Microsoft admin consent for Okta

For Office 365 apps such as Yammer or Dynamics CRM, Okta needs your consent to authenticate and authorize the end usersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. on your behalf.


Enhanced provisioning and deprovisioning for Office 365

Configure enhanced provisioning and deprovisioning options or map custom attributes in the user profile.


Skip importing groups during Office 365 user provisioning

Import groups later while federating Office 365. Focus on provisioning first and group assignments later.


Enable a Microsoft Office 365 Chiclet

Add new Office 365 apps to the end user dashboard.


Using Group Push

Push groups from non-AD directory services and third party apps to Office 365.


Moving Microsoft Office 365 from SWA to WS-Federation

Change Office 365 single sign on method from SWA to WS-federation.


Configuring the Okta Template WS Federation Application

Create custom WS-Federation-enabled applications.


Early Access features

Early access (EA) features are opt-in features made available by request to Okta Support. Super Admins can enable or disable some EA features in the admin console under Settings > Features. For more information, see Manage Early Access and Beta features . The following list contains EA features related to Office 365.


Office 365 Silent Activation

Enable silent activation for shared workstation or VDI environments.


Use Okta MFA to satisfy Azure AD MFA requirements for Office 365

Let Okta handle the MFA requirements for Azure AD MFA.


Enforce Okta Device Trust for Exchange ActiveSync on OMM-managed iOS devices

Configure the iOS mail app to prevent users with unmanaged devices from accessing Microsoft Office 365 Exchange ActiveSync.



Supported user profile attributes for Office 365 provisioning

Office 365 - Frequently asked questions