Scenario
The current environment is as follows:
Desired Results
Present a link that will take the user directly to the FBA login and then authenticate them to SharePoint Online. Once logged in, SharePoint Online is presented via mydomain.sharepoint.com. There is no Office 365 login presented.
Solution
If you don't mind having a long URL (which can be easily added to an anchor tag in HTML), here is a solution for the desired results:
The current environment is as follows:
- Office 365 is configured for SSO with ADFS 2.0
- ADFS is running forms based authentication (FBA) using a custom domain (@mydomain.com)
- Office 365 version is E3 Plan
- SharePoint Online TeamSites is implemented and accessible via mydomain.sharepoint.com
- Navigating to mydomain.sharepoint.com prompts the user for Office 365 login. Entering user@mydomain.com provides a link to login at the domain. Clicking the link presents the form to sign-in on the ADFS server
Desired Results
Present a link that will take the user directly to the FBA login and then authenticate them to SharePoint Online. Once logged in, SharePoint Online is presented via mydomain.sharepoint.com. There is no Office 365 login presented.
Solution
If you don't mind having a long URL (which can be easily added to an anchor tag in HTML), here is a solution for the desired results:
- Logout of Office 365, Windows Live, etc.
- In a new browser, enter the SharePoint Online address (e.g. mydomain.sharepoint.com)
- Enter a domain user (e.g. steve@mydomain.com) into the Office 365 login. A link appears to login to the domain.
- Click on the link.
- Copy the current URL from the browser and paste it into Notepad (or other text editor)
- Remove the &username portion in the beginning (e.g. &username=steve%40mydomain.com)
- The URL at this will work but I did see issues when having other people test it. Therefore, also remove "%252F%255Fforms%252Fdefault%252Easpx" that appears in the URL after the sharepoint%252Ecom (or whatever your .com is).
Hi Steve,
ReplyDeleteHAPPY NEW YEAR!
Thank you very much for sharing a great article. Are your steps posted above the solution to the challenge we are having below?
• We are using Project Online with SharePoint Online with Office 365.
• We are trying to find a solution to brand/ (if branding is not possible) get rid of the Office 365 log in page.
• What we are trying to achieve is:
• 1. Users click on a link, say: https://abc.sharepoint.com/project1/
• 2. Instead of seeing Office 365 login page, we would like them to be able to see the login page with our own brand or a login box to enter username and password.
Sincerely, we really appreciate your kind help.
Charlotte Tang
charlottetang10@hotmail.com
Yes. My steps will solve your problem but you must have forms-based authentication implemented in ADFS.
DeleteThank you! I found this very useful. Works perfectly.
ReplyDeleteHi Steve,
ReplyDeleteThis is great information. Our environment is very similar. This is what ours looks like:
Office 365 is federated through Okta
Office 365 version is E3 Plan
SharePoint Online TeamSites is implemented and accessible via mydomain.sharepoint.com
Navigating to mydomain.sharepoint.com prompts the user for Office 365 login. Entering user@mydomain.com provides a log in screen once user authenticates through Office 365 they in.
Do you know of a way to bypass the authentication through Office 365 if our federation is through a third party (Okta)?
Thanks,
Ga-Hsin
You would probably need to discuss with Okta.
DeleteHi Steve,
ReplyDeleteI read the FBA article in your blog, Its really very impressed me
Dear Steve Mann,
ReplyDeleteWould you mind to show me how to configure forms-based authentication implemented in ADFS for SharePoint ?
Many thanks,
David
I haven't done this in awhile. I remember there being a ton of steps. I believe I have screenshots that you may be able glean the process.
DeleteCan you share me your sreenshots ? I have one Sharepoint 2013 web app with mixed authentications (Windows, FBA and SAML token-ADFS). Now SAML users have Single Sign On (SSO) for all SharePoint sites and SharePoint-hosted Apps. Is it possible for FBA users also have SSO ? If so, please show me the guides. Thanks
ReplyDeletesend me an email.
DeleteSteve at stevethemanmann.com