Can you set up AuthPoint Authentication to Office 365 by individual users?
Hi, I have had this come in from one of my customers, asking whether, instead of setting up AuthPoint to O365 and setting the federated domain, you can actually set it up on a user-by-user basis. Currently I can't see that this is possible, as when you use the commands to set this up it's by domain, so anyone authenticating by that domain is forwarded to the AuthPoint login page. They only want this as they didn't want to set up AuthPoint for O365 for all users in one go and would rather stage the process. They also have a number of service accounts that automatically connect to Azure and upload data, so they were wondering if they can exclude these accounts.
I know with O365 MFA you can do this on a user-by-user basis.
Review James Carson's reply in this post:
Office 365 - Bypass AuthPoint for Deskbound users
Does this answer your question?
Using SAML 2.0 on Office 365 is all or nothing.
I think the only way to do what you need is using ADFS.
Agreed, but while using SAML will essentially redirect all users to AuthPoint, you could create a group within AuthPoint that will require passwords as normal, and exclude push, OTP, QR as a second method. Not perfect for a couple of reasons (the branding of the AuthPoint page redirected to cannot currently be re-branded, for example, so all users will be pushed to a page that looks nothing like what they will be expecting).
We're using ADFS with O365, so I'm able to set an Access Control Policy to allow some users to bypass and it's BAU for them.
EDIT: Sorry, just saw this post was from a while ago. Let's say I'm fashionably late.
All Fireboxes (T-Series, M-Series, FireboxV, Firebox Cloud etc.); EPDR, Advanced EPDR/Cytomic, Orion (Threat Hunting); WiFi, AuthPoint. WSC/Cloud. Management of a few hundred Fireboxes, and a few thousand EPDR endpoints. Platinum Partner. Views my own (if any!).