When setting up the WS-Federation Sign-on Method for Microsoft Office 365 in Okta, after Authenticating with Microsoft Office 365 and when trying to save, the screen remains stuck on:

Please wait while we set up the sign on method.

• Microsoft Office 365
• Single Sign On
• WS Federation

The Microsoft global admin credentials used to configure the integration between Okta and Office 365 are invalid. Possible causes for this:

• The Microsoft Office admin account that was used to configure the API Integration with Okta is in a "password expired" state on Office 365 side.
• The Microsoft Office admin account that was used to configure the API Integration with Okta no longer has Global Admin rights.
• The password of the Microsoft Office admin account that was used to configure the API Integration with Okta is no longer valid.
• The AAD Admin MFA prompt is enabled.

1. The Office 365 admin account needs to be validated as active, and it must have Global Admin rights.
2. If a new admin account needs to be created, make sure that it has global admin rights on the Office 365 side. 
3. Ensure the Global Admin account is exempt from all Conditional Access Policies in Azure. To disable the AAD Admin MFA prompt, follow these steps:
   1. Go to the Microsoft Admin dashboard and select Azure Active Directory.
   2. Go to Properties and select Manage Security Defaults. Select the No option and then click on Save to disable the security defaults.

Related References

• Configure Single Sign-on for Office 365