SSO using microsoft causing strange behaviour

lock
push_pin
done
Besvaret
1

I've been setting up SSO for a customer, as i've done many times before. But this time it's rather strange.

The behaviour i'm seeing, is, if the customer logs on using their alias email like full.name@domain.com they gets redirected to microsoft authentication, logged in, and then back to superoffice, where they are then prompted to receive a welcome email, like if the user was new - bear in mind they signed in to the user 5 minutes earlier before sso was enabled.

 

If i then change their username to the actual username in AD, they are prompted for their password in SuperOffice, and never redirected to the microsoft login. 

The email username is now initial based, like fn@domain.com

 

But despite the domain being registered for SSO, it is not regocnized.

 

I used this article to set it up, like i've done many times before: https://docs.superoffice.com/en/online/identity/superid/howto/register-idp.html 

 

Anyone know what i can do, and what's causing this?

9. jan. 2024 | 09.55 AM

Alle Svar (1)

Their UPN in Microsoft needs to match the username in SuperOffice, otherwise you get strange results. (https://docs.superoffice.com/en/online/identity/superid/howto/map-idp-usernames.html)

9. jan. 2024 | 11.59 AM

Tilføj svar