Hey everyone! I'm trying to implement Single Sign-On (SSO) for our Microsoft services, but I'm hitting a wall. We're currently using Google Workspace for our business, but some team members need access to Microsoft Office and Teams. We have our own in-house identity provider (IdP) that supports both SAML and OIDC.
The goal is to streamline user management and improve security compliance by having everything centralized, including licenses and subscriptions. However, I'm not very familiar with Microsoft's systems and have tried various forums and resources, but I'm still stuck. My colleague had some experience, and he even purchased the Microsoft Entra ID P1 license, but we have yet to make progress.
I've attempted to configure SSO through the Microsoft Entra portal, but I'm struggling with domain validation even though I've set up the DNS records correctly. I'm wondering if the fact that our SSO is hosted on a different domain (like sso.mycompany.io as opposed to mycompany.com) could be causing this issue. I'm looking for any guidance or experiences anyone might have. Should I just hire a consultant at this point? Any help would be greatly appreciated!
2 Answers
Have you checked out the Microsoft documentation on adding a SAML/WS-Fed identity provider? That might help clarify some steps for setting things up. You should ensure you've followed all the instructions there to the letter, especially regarding domain validation.
I ran into a similar issue, and it's possible that your SSO being on a different domain is causing problems. Microsoft can be a bit finicky about domain verification, so double-check that your TXT record configurations are correct. It's annoying, but validation issues are a common headache.
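A small diagnostic for the TXT-record verification step both answers point at, added here as an example and not taken from the thread or from Microsoft's documentation. It assumes the verification value has the `MS=ms…` form shown in the admin portal (the value below is a constructed placeholder) and works on constructed zone data instead of live DNS; it shows why a record published on sso.mycompany.io does not satisfy a check that Entra runs against mycompany.com.

```python
"""Offline check of the TXT record used for Entra custom-domain verification.

Assumption (not from the thread): the record must sit on the exact name
being added, typically the zone apex (mycompany.com), and the resolver
returns each TXT record as one or more quoted <=255-byte chunks.
"""


def normalize_txt(record: str) -> str:
    """Join the quoted chunks of one TXT record into its logical value.

    Tools print long records as '"part1" "part2"'; comparing the raw
    string against the expected value then fails even though DNS is right.
    """
    if '"' not in record:
        return record.strip()
    chunks, current, inside = [], [], False
    for ch in record:
        if ch == '"':
            if inside:  # closing quote ends a chunk
                chunks.append("".join(current))
                current = []
            inside = not inside
        elif inside:
            current.append(ch)
    return "".join(chunks).strip()


def check_verification(domain: str, records: dict, expected: str) -> tuple:
    """Return (found, reason) for `expected` in the TXT set of `domain`.

    `records` maps a DNS name to its published TXT records (constructed
    here). The lookup uses the exact name, so a record on another host,
    such as the SSO endpoint, is reported as misplaced rather than found.
    """
    name = domain.rstrip(".").lower()
    published = [normalize_txt(r) for r in records.get(name, [])]
    if expected in published:
        return True, f"{expected} found on {name}"
    for other, recs in records.items():  # diagnose the misplaced-record case
        if other != name and expected in (normalize_txt(r) for r in recs):
            return False, f"{expected} is on {other}, but Entra queries {name}"
    if published:
        return False, f"{name} has {len(published)} TXT record(s), none is {expected}"
    return False, f"no TXT records on {name} (not propagated, or wrong zone?)"


# Constructed sample: the token was published on the IdP host, not the apex.
SAMPLE_ZONE = {
    "mycompany.com": ['"v=spf1 include:_spf.google.com ~all"'],
    "sso.mycompany.io": ['"MS=ms00000000"'],
}
EXPECTED = "MS=ms00000000"  # placeholder, not a real verification token

if __name__ == "__main__":
    print(check_verification("mycompany.com", SAMPLE_ZONE, EXPECTED)[1])
```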