Office 365 - Bypass AuthPoint for Deskbound users
We are trialing Authpoint for Office365 - We have around 10 users actively using Office 365 but only 5 AuthPoint trial users.(We'll be growing to 200+ users over the next 12 months)
I've implemented "safe locations" for our 5 users and it seems to work well, but unfortunately the safe locations don't apply to the other 5 users who don't have an account in AuthPoint so it continues to prompt for username/password - And now those users cannot access Office 365 as I don't have any spare accounts, and seeing as the federation of the domain on Office 365 is global there is no way to bypass this.
It has also occurred to me that the Safe Locations is only group based, meaning it only works for users that are registered on AuthPoint - Does this mean that every user that I want to use Office 365 needs to have an AuthPoint account even though most are deskbound and will never use MFA as they'll only be connecting from inside a "safe location"?
If so, it seems odd to be forced to pay for accounts that won't be using the service - Shouldn't the "Safe locations" be available to be assigned at the resource level so AuthPoint is bypassed completely? I don't really see the point if you have to essentially log into AuthPoint before the safe locations come into play.
Also, is there anyway to make the logon process seamless? Users have to type in their username/email address into the Watchguard AuthPoint prompt even from a safe location which breaks the Seamless SSO solution implemented with Office 365. I guess this wouldn't be an issue if the Safe Locations were applied at the resource level...?