Forum Discussion
Office 365's new "Modern Auth"
Hi All,
We've just heard a rumor that Microsoft have released a new authentication model for Office 365 which they are using with Exchange Online and Skype for Business to start with.
Now we have been told that with this new authentication model that ADFS being fronted by APM for authentication/acting as an ADFS proxy is not and will not be supported due to the change in the way authentication works. From what we can tell, it will only break application clients (ActiveSync/Office/Skype) that aren't just a web page, but we really don't have much detail.
Does anyone have any experience with Office 365 off-prem setups and the new Modern Authentication model? Can anyone confirm that it doesn't in fact work? Is there anyone from F5 who has advice on if it's on the road map for being fixed/addressed/investigated?
Thanks in advanced.
- ndaemsNimbostratus
Thank you Michael !
If Azure AD is the IDP, then APM cannot be used to provide authentication. It can only be used in front of on-prem ADFS, another on-premier IDP, or having APM itself be an IDP to Office 365
- ndaemsNimbostratus
Hi,
Even if this post if very old we are trying to implement ModernAuth on our Hybrid infrastructure
We would like to use Azure AD as an IdP. Today we stuck as we never get the password popup in outlook.
Can you please describe how you did this setup especially how you've been able to redirect Outlook to the APM Logon Page ?
Thank you
Nicolas
Andrew,
I am not sure where you're getting the information about Modern Authentication breaking APM-as-ADFS-proxy deployment, but I think there may be some confusion going on around this change.
Modern Authentication mode, aka ADAL, are leverage web browser for authentication of thick clients, and such mode of authentication is fully compatible with APM. If anything, support for Modern Authentication brings out additional opportunities for F5 customers who are using APM because they are free to leverage a multitude of MFA options to secure access to Office 365 and potentially simplify their federation configuration by having APM federate users to Office 365 instead of ADFS.
To get an idea of what new possibilities Modern Authentication brings, check out this video that I recorded about securing access to Officee 365 from the full Outlook client leveraging MFA. https://www.youtube.com/watch?v=s5W6cgrxyrY
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com