Create a Microsoft 365 SAML application
When Microsoft 365 is configured to use Specops Authentication for Single Sign-On (SSO), users who attempt to sign in to Microsoft 365 are redirected to Specops Authentication for authentication.
The user will be presented with a list of identity services based on the policy configured in Specops Authentication. To successfully authenticate, the user must complete one or more of these identity services. Once authentication is successful, a signed SAML assertion is generated and the user is redirected back to Microsoft 365, to complete the login.
These are the main steps to set up a Microsoft 365 application:
- Configure a Group Policy Object (optional)
- Create a Single Sign-On application
- Configure the Authentication Policy
- Configure Domain Federation in Entra ID
When a certificate is close to expiring, you can rotate it to generate a new certificate. This is described in: