Mar 07 2018 09:43 AM - last edited on May 24 2021 02:33 PM by TechCommunityAP
Hi, I'm looking into how to share files from SharePoint and/or OneDrive (Office 365 EMS E3 account) with authenticated external users. In this case the user has a Gmail account, but ideally I would like to be able to arbitrarily "trust" certain domains to handle authentication in the remote IdP so that there's no additional work for the 3rd party user to do as long as they are signed into their 3rd party account.
From this article and the others in the series: https://alpeshnakar.com/invite-external-user-to-office-365-via-sharepoint-online/
It looks like this is possible as long as the user has a Google business account. If so, is there any more configuration for me to do on the AAD side, or does AAD implicitly trust Google as an authentication service? Furthermore, what if I wanted to trust some other 3rd party authenticator (IdP), such as an organization who used Okta, or iCloud, or some other cloud IdP? There has to be some way to tell AAD which IdPs to trust and for which domains, but I can't find it anyplace. Is there such a thing, or does AAD only trust the big IdPs and you can't change it?
Thanks.
Mar 07 2018 10:32 AM
Here are a couple of links which can be of some help:
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-google-apps-tutorial
Mar 07 2018 11:09 AM