ComponentSpace

Forums



Microsoft 365 Integration Guide


Microsoft 365 Integration Guide

Author
Message
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K

This document describes SAML SSO integration with Microsoft 365 acting as the service provider.

ComponentSpace SAML for ASP.NET Core Microsoft 365 Integration Guide



Regards
ComponentSpace Development
Manikandan
Manikandan
New Member
New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)

Group: Awaiting Activation
Posts: 9, Visits: 27
ComponentSpace - 10/10/2017

Have you tested this document because custom $logoffUrl =" my logout url" is not working 
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Yes. Please refer to the SP-Initiated SLO and IdP-Initiated SLO sections of the document.
SP-initiated SLO works as expected.
IdP-initiated SLO doesn't work. This is a limitation in Office 365. The recommendation is for the user to close the browser to complete logout.

Regards
ComponentSpace Development
Manikandan
Manikandan
New Member
New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)

Group: Awaiting Activation
Posts: 9, Visits: 27
ComponentSpace - 11/6/2017
Yes. Please refer to the SP-Initiated SLO and IdP-Initiated SLO sections of the document.
SP-initiated SLO works as expected.
IdP-initiated SLO doesn't work. This is a limitation in Office 365. The recommendation is for the user to close the browser to complete logout.

In my case this is how flow go
1, Call URL https://portal.microsoftonline.com/
2, given federated user id like [email protected]
3, Redirect to IDP site after successful login it will redirect to Office365 admin page
4, when I try to logout it is going Office logout page not going to Custom page
Tired to give different logout URL Like below
https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=http://google.co.in
and
 http://google.co.in
Both not working but in SAML response I am able to see URL   https://login.microsoftonline.com/common/oauth2/logout?post_logout_redirect_uri=http://google.co.in

 if i give only http://google.co.in not coming in SAML
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
SP-initiated SLO works so there must be some sort of configuration issue.
I suggest enabling SAML trace and sending the log file as an email attachment to [email protected] mentioning your forum post.
Also include the configuration in Office 365 by running the following command as described in our integration guide.
Get-MsolDomainFederationSettings-DomainName $domain


Regards
ComponentSpace Development
Manikandan
Manikandan
New Member
New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)

Group: Awaiting Activation
Posts: 9, Visits: 27
ComponentSpace - 11/7/2017
SP-initiated SLO works so there must be some sort of configuration issue.
I suggest enabling SAML trace and sending the log file as an email attachment to [email protected] mentioning your forum post.
Also include the configuration in Office 365 by running the following command as described in our integration guide.
Get-MsolDomainFederationSettings-DomainName $domain

I have sent log file and configuration file to the support
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thank you for the log and configuration. I've replied to your email.
The LogOffUri should be the URL in your application where you will receive the SAML logout request by calling _samlIdentityProvider.ReceiveSloAsync().
You’ll see an example of this in our integration guide.


Regards
ComponentSpace Development
Manikandan
Manikandan
New Member
New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)

Group: Awaiting Activation
Posts: 9, Visits: 27
ComponentSpace - 11/8/2017
Thank you for the log and configuration. I've replied to your email.
The LogOffUri should be the URL in your application where you will receive the SAML logout request by calling _samlIdentityProvider.ReceiveSloAsync().
You’ll see an example of this in our integration guide.

Thanks for your Response, I am using below method for log out, is it right to do with this method?
SAMLIdentityProvider.ReceiveSLO(Request, Response, out isRequest, out hasCompleted, out logoutReason, out partnerSP, out relayState);

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
That's correct.
SAMLIdentityProvider.ReceiveSLO receives the logout request or logout response from the partner service provider.
In this case with Office 365 initiating SAML logout, SAMLIdentityProvider.ReceiveSLO will receive the logout request.
After logging out the user locally, call SAMLIdentityProvider.SendSLO to send a logout response back to the service provider.
These APIs are part of our SAML v2.0 for ASP.NET product.
There are similar APIs for our SAML v2.0 for ASP.NET Core product.
It sounds like you're using the ASP.NET product.
The ExampleIdentityProvider project demonstrates calling these APIs.

Regards
ComponentSpace Development
Manikandan
Manikandan
New Member
New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)New Member (9 reputation)

Group: Awaiting Activation
Posts: 9, Visits: 27
ComponentSpace - 11/8/2017
That's correct.
SAMLIdentityProvider.ReceiveSLO receives the logout request or logout response from the partner service provider.
In this case with Office 365 initiating SAML logout, SAMLIdentityProvider.ReceiveSLO will receive the logout request.
After logging out the user locally, call SAMLIdentityProvider.SendSLO to send a logout response back to the service provider.
These APIs are part of our SAML v2.0 for ASP.NET product.
There are similar APIs for our SAML v2.0 for ASP.NET Core product.
It sounds like you're using the ASP.NET product.
The ExampleIdentityProvider project demonstrates calling these APIs.

Thanks, yes i am using ASP.NET. i will check and get back to you
GO


Similar Topics


Execution: 0.000. 3 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search