Federating with Office 365 (Azure AD) - User Exceptions? Skip to main content
https://support.okta.com/help/answers?id=9062a000000bmf9qai&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Kevin BlumenfeldKevin Blumenfeld 

Federating with Office 365 (Azure AD) - User Exceptions?

Is there some way to allow some users to use the password hash (if enabled in AD Connect) instead of OKTA's SSO?  This would allow us to use Azure AD Domain Services (which requires users to have password hashes synced by AD Connect) AND Office 365 where we require SSO.

Again, this would be for just a few users.

Thank you.
Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Kevin
O365 is designed to user either password ("managed") or federated SSO per domain, but you can't mix and match in the same domain. This is an O365 limitation (not Okta's). Note, you can have multiple domains in a given O365 tenant.