PeterC.85366 (Customer) asked a question.
I noticed that On Premise Exchange supports OAUTH Authentication / Hybrid Modern Auth. Has anybody successfully transitioned their on premise Exchange environment to use Okta OAUTH as an IDP?
The below article mentions it can be done but doesn't mentioned Okta specifically. Also can't seem find any examples.
Quote:
"When you enable HMA you are essentially outsourcing user authentication to your iDP, Exchange becomes the consumer of the resulting authorization tokens. You can enforce whatever authentication the iDP can do, rather than teach Exchange how to handle things like text messaged based MFA, blood analysis or retina scanning. If your iDP can do that, Exchange can consume the result. Exchange doesn’t care how you authenticated, only that you did, and came away with a token it can consume."
This is Robert from Okta support.
The integration with Exchange Hybrid Modern Auth (HMA) is supported. ADFS 2019 will support it natively - there are some caveats with Microsoft Seamless SSO enabled, but long and short, Okta supports it.
Is there documentation for this? What are the caveats?