<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
How to Send Federated Users Directly to a Sharepoint Online Site with a Bookmark
Sep 15, 2025
Single Sign-On
Overview

This guide will walk through creating Office 365 Smart Links to direct users to specific SharePoint Online site collections or web pages when federated with Okta.

Applies To
  • SharePoint Online
  • Single Sign-On (SSO)
  • Bookmark Application
  • Users under specific conditions
Cause

This configuration may be required when users need to access a specific SharePoint Online site or web page directly when using Okta Federation.

Solution

NOTE: The method of using _forms/default.aspx with a ReturnUrl is now considered deprecated and may lead to authentication issues due to changes on the Microsoft side. The recommended and more reliable method is to use a direct path to the intended SharePoint page.

 

  1. Acquire the PassiveLogOnUri value. This can be located in the PowerShell Script on the View Setup Instructions page. For example:
    • https://[[Org]].oktapreview.com/app/office365/k2O6WLqrFk5tTfjzvFkL/sso/wsfed/passive

 

  1. Append the required parameters. Next, append the following parameter string value to the PassiveLogOnUri: ?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=wa%3Dwsignin1.0%26wreply%3D 

 

Using the example from the previous step, the URL should now look like this:

    • https://[[Org]].oktapreview.com/app/office365/k2O6WLqrFk5tTfjzvFkL/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=wa%3Dwsignin1.0%26wreply%3D

 

  1. Add the double-encoded direct URL. Instead of using the deprecated forms URL, add a double-encoded URL that points directly to the desired landing page. For example, if the target is the Accounting home page at https://[[TENANT]].sharepoint.com/sites/Accounting/Home.aspx, double encode the URL: https://[[TENANT]].sharepoint.com/sites/Accounting/Home.aspx.

 

The double-encoded value would be: https%253A%252F%252F[[TENANT]].sharepoint.com%252Fsites%252FAccounting%252FHome.aspx.

 

  1. Combine all the parts. Combine all the parts to form an Office 365 Smart Link. This Smart Link can then be used as a bookmark to access a specific SharePoint Online site directly.

 

Here's an example of the full Smart Link:

https://[[Org]].oktapreview.com/app/office365/k2O6WLqrFk5tTfjzvFkL/sso/wsfed/passive?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=wa%3Dwsignin1.0%26wreply%3Dhttps%253A%252F%252F[[TENANT]].sharepoint.com%252Fsites%252FAccounting%252FHome.aspx

Please replace [[Org]] and [[TENANT]] with the appropriate values.

 

NOTE: These steps could change based on product updates. Instructions are provided AS IS without any warranty. It is recommended to consult an IT professional before making changes to the system.


Related References

Recommended content

Still looking for help?
Loading
How to Send Federated Users Directly to a Sharepoint Online Site with a Bookmark