Sunday, October 11, 2015

Office 365 with OneLogin: Part 4

In this blog post, I'll take a look at the user experience with OneLogin: how does the user connect to their Office 365 mailbox using either Outlook Web App (OWA) or Outlook, now that OneLogin is providing our SSO services?


For SSO with web browsers, there is a pre-requisite: we must install, manually or otherwise, a browser extension (or addon) for the browser in question on the client machines. I'll keep it simple and use Internet Explorer 11 (IE 11) as an example.

Installing the OneLogin browser extension

First, we can download the addon here:

Internet Explorer extension

Note: we would have to install the addon with an administrator account or use some software deployment solution if a manual install is not practical, because of, for example, the number of client machines. There is a wide variety of software deployment solutions, even one of which would go beyond the scope of this post. Once again, I will simply install the addon manually.

Once the extension (or addon) is downloaded, we simply double-click on the executable to begin the installation and then click "Next", keeping the default options (first three screenshots):

Click on "Finish" (etc.) to complete the installation.

User experience with Internet Explorer / OWA

For this blog post, as I stated above, I will use Internet Explorer 11. For the end-user, versions 9 and 10 are supported as well as the latest version of Chrome, Firefox and Safari. Please see OneLogin documentation (or contact tech support) for further details.

When the user logs on and opens IE, they may see a notice stating that the OneLogin addon is ready for use (click to enlarge):

If this happens, they should simply click "Enable".

The preferred method to access your Office 365 app via OneLogin is to use the following URL:

So if your domain is, you enter:

Instead of entering this URL manually, it would obviously make more sense to create a desktop shortcut or add the link to favorites. For example:

If everything is configured correctly (as described in the previous blog posts), this should take the user directly to the OneLogin "App Home" page where they will see (in our scenario) the Office 365 icon:

Note: for best results, we should assign the appropriate apps (in our case, Office 365) to the user before they logon. This task was completed in Part 2 of this series.

All we need to do at this point is click on the Office 365 icon and after a moment we are in:

It's then a simple matter of clicking on the Mail, Calendar, People (Contacts) or Tasks icon depending on what we want.


It is possible to use the URL by entering it manually or with a shortcut:

This is a little less efficient however. It brings us to the OneLogin home page where we have to click on the "LOG IN" link in the upper right-hand:

Simply clicking on the link will take us to the App Home page but we do have to click - unlike with the previous method that takes us directly to the App Home page without the detour to the company home page.

User experience with Outlook

The directions provided by OneLogin for the Outlook configuration assume that Outlook is installed after OneLogin has been configured:

In my case, the Outlook client was already configured to access Office 365 and I first thought it was necessary to reconfigure the Outlook profile (perhaps making it contact OneLogin first... somehow).

Although the directions seem to suggest Outlook will be connecting "through OneLogin" and provide an example of a URL ( ), we actually need to use our own  domain name. So if our domain name was (and if that was the domain used for our email addresses), we would enter the user name as:

Note: to reach this point, we follow the procedure to configure an Outlook profile (please refer to online documentation if you need more guidance):

Note: where do I enter the user's password? I see where in the OneLogin document reference earlier but there is no place to do so in the screenshot above. I discovered that if I backspace and remove the last letter of the email address (and then retype it), two text-boxes for the password appear,

 If we click "Next" as needed, we should see a confirmation message like this, with green check marks:

One important note: if you have a hybrid Exchange environment, your Exchange server(s) must be on when executing the steps above. Unlike the web interface, Outlook will interact with the onsite Exchange servers even if the mailbox in question is located in Office 365.

Once I complete the steps above, I can open Outlook and see my email messages.

No comments:

Post a Comment