
DiniT.26394 (Customer) asked a question.
We have a verified domain on Azure that's integrated with Okta, with Okta as the IdP. Now we have a partner setting up an Azure B2B env. Since we already have a domain on Azure, we are told that our partner cannot federate with our Okta as the IdP with the use of SAML/WS-Fed IdP federation on their Azure B2B env. With this limitation on Azure, that means our Azure becomes the IdP for all Azure B2B envs down the road. Just wondering if there is any workaround so that we can have the federation directly federate with Okta, which is chosen to be our enterprise IdP? Or if there is a better approach so that we can get the B2B requests to our Azure to have a separate policy rather than following the rest of our own Azure's policy?

Hello Dini Tseung,
Thanks for posting.
Please take a look at these documents from Azure that might help you to achieve it with the limitation:
Azure AD Federation (https://docs.microsoft.com/en-us/azure/active-directory/b2b/direct-federation)
Azure AD as Federation Provider for Okta (https://docs.microsoft.com/en-us/previous-versions/azure/azure-services/dn641269(v=azure.100)?redirectedfrom=MSDN)
Now, since this is something very specific, I also suggest you open a support case with our team using the information in the link below: https://help.okta.com/en/prod/Content/Topics/Directory/get-support.htm
Let us know if this helps you.
Daniela Chavarria.
Okta Inc.