Saml 2 0 response validating
Microsoft supports this sign-on experience as the integration of a Microsoft cloud service, such as Office 365, with your properly configured SAML 2.0 profile based identity provider which we will henceforth refer to as the SAML 2.0 identity provider.
SAML 2.0 identity providers are third-party products and therefore Microsoft does not provide support for the deployment, configuration, troubleshooting best practices regarding them.
This topic contains instructions for solution implementers of a Microsoft cloud service who want to provide their Azure Active Directory (AD) users with sign-on validation using a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider.
This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0.
This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources.
The SAML 2.0 SP-Lite profile is based on the widely used Security Assertion Markup Language (SAML) federated identity standard to provide a sign-on and attribute exchange framework.
The following clients are also available in this sign-on scenario with SAML 2.0 identity providers: All other clients are not available in this sign-on scenario with your SAML 2.0 Identity Provider.
The SAML 2.0 relying party (SP-STS) for a Microsoft cloud service used in this scenario is Azure AD.We recommend ensuring that your SAML 2.0 identity provider output messages be as similar to the provided sample traces as possible.Third party SAML Providers are supported with Modern Auth Office 365 clients without having the need to validate them with the Works with Office 365 program.For more information see Office 365 SAML 2.0 Federation Implementer’s Guide.
Once properly configured, the integration with the SAML 2.0 identity provider can be tested for proper configuration by using the Microsoft Connectivity Analyzer Tool which is described in more detail below.
For more information about your SAML 2.0 SP-Lite profile based identity provider, ask the organization that supplied it.