Select which users to be federated? Skip to main content
https://support.okta.com/help/answers?id=906f0000000blrhiai&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Andy ManAndy Man 

Select which users to be federated?

We don't have Windows AD and we have Office 365, is it possible to select which users to be federated?

The reason for this is that we have 2 groups of users:
    1. Staffs - we like to implement SSO and provisioning with Okta for Office 365.
    2. Clients and contractors that only use SharePoint Online, we like them to login to Office 365 directly; we can manage their accounts in Office 365 admin portal.
    
Both groups of users uses the same domain in Office365.
api-workday api-workdayapi-workday api-workday
Hi Andy,

in office 365 you are configuring a domain to be delegated (not the users).

So you could accomplish this by configuring the different user account persona's within a different domain (not the AD domain type, just domain name). they would have to be a different domain and not a subdomain as the subdomains inheirit the authentication type of their parent domain.

I think what you want is technically possible but is likely more involved than just changing the authenitcaiton type for a subset of users.

-Matt
Andy ManAndy Man
Thanks Matt,  

I guess I will need to move the clients and contractors to a new domain name on Office 365, then federate the staff's domain on office 365 for Okta.

Cheers
Andy