Understanding Identity Federation

In companies with Federated Identity set up, users can sign into Office 365 services using their Active Directory credentials. The corporate Active Directory authenticates the users, and stores and controls the password policy.

With Federated Identity, credentials are authenticated by the on-premises Active Directory Federation Services server, and the user obtains a logon token that the Office 365 sign-in service can verify.

To learn about the major components of Identity Federation, together with the data flow that occurs during an Identity Federation logon from a client that is accessing Office 365 from the Internet, see this diagram:


See also

  • Identify Yourself – One or Two Passwords? – link
  • Office 365 Single Sign-On with AD FS 2.0 whitepaper – link
  • Can I use UAG? – link
