<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Office 365 Federation with Okta and Implications for Third-Party Tools
Aug 15, 2025
Single Sign-On
Okta Classic Engine
Okta Identity Engine
Overview

This article addresses a potential issue when the Office 365 (O365) domain is federated with Okta while having third-party tools that redirect some users to Entra ID for authentication. When the O365 domain is federated with Okta, Okta becomes the Identity Provider (IdP) for the account, thus potentially impacting the authentication flow of these third-party tools.

Applies To
  • Okta Identity Engine
  • Okta Classic Engine
  • Microsoft Office 365
  • Entra ID (formerly Azure AD)
Cause

The root cause of the potential issue is due to Okta becoming the Identity Provider once the O365 domain is federated. This leads to a potential disruption in the authentication flow of the third-party tools which redirect the users to Entra ID for authentication, resulting in an extra step where users are redirected to Okta for authentication, which might lead to failure in some cases.

Solution

To prevent this authentication issue, perform the following steps in order:

  1. Disconnect the third-party applications from Entra ID.

  2. Set up the Office 365 and Okta federation.

Recommended content

Still looking for help?
Loading
Office 365 Federation with Okta and Implications for Third-Party Tools