This topic contains detailed requirements on the protocol and message formatting that your SAML 2.0 identity provider must implement to federate with Azure AD to enable sign-on to one or more Microsoft cloud services (such as Office 365).

saml 2 0 response validating-32

We recommend ensuring that your SAML 2.0 identity provider output messages be as similar to the provided sample traces as possible.

This existing user directory can be used for sign-on to Office 365 and other Azure AD-secured resources.

The SAML 2.0 SP-Lite profile is based on the widely used Security Assertion Markup Language (SAML) federated identity standard to provide a sign-on and attribute exchange framework.

This topic contains instructions for solution implementers of a Microsoft cloud service who want to provide their Azure Active Directory (AD) users with sign-on validation using a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / identity provider.

This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0.

The following clients are also available in this sign-on scenario with SAML 2.0 identity providers: All other clients are not available in this sign-on scenario with your SAML 2.0 Identity Provider.For example, the Lync 2010 desktop client is not able to login into the service with your SAML 2.0 Identity Provider configured for single sign-on.Third party SAML Providers are supported with Modern Auth Office 365 clients without having the need to validate them with the Works with Office 365 program.For more information see Office 365 SAML 2.0 Federation Implementer’s Guide.Microsoft supports this sign-on experience as the integration of a Microsoft cloud service, such as Office 365, with your properly configured SAML 2.0 profile based identity provider which we will henceforth refer to as the SAML 2.0 identity provider.SAML 2.0 identity providers are third-party products and therefore Microsoft does not provide support for the deployment, configuration, troubleshooting best practices regarding them.