KevinB.98148 (Customer) asked a question.
We have been trying to get rid of ADFS for authentication in Azure, and we want to configure Okta as an external authentication method for it. After setting it on both sides, Okta and Azure, following the documentation placed on here https://help.okta.com/en-us/content/topics/apps/office365/use_okta_mfa_azure_ad_mfa.htm we tried to tested it out, however, every time we do the authentication we received an status of "Evaluation of sign-on policy
CHALLENGE" when trying to do the handshake with Azure, it fails up.
Is there anywhere we can track back this issue? Or anything we can try to test up to fix it? Or is there any way that we can bypass the authentication method from Okta when Azure already has a "require Authentication" option
Hi @KevinB.98148 (Customer) , Thank you for reaching out to the Okta Community!
If I'm understanding the use case correctly, check to see if you have the "Use Okta MFA for Azure AD" option enabled under your M365 app configuration.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.
Just released: More Okta Community badges just added
Hi Mihai.
Partially, I want to make use of the Okta verify app (MFA) to authenticate against Entra ID, and use it as a External Authentication Method. For this, should I set up the Office 365 App on Okta that supports WE Federation and do the configuration as mentioned on the link you provided?
Appreciate your time!
@KevinB.98148 (Customer) That would be for when you already have Okta implemented as the IDP.
If you are looking just for MFA, perhaps this is what you are looking for. It leverages a dedicated app called "Microsoft Entra ID External Authentication Methods" listed in the Okta Integration Network (OIN) catalog for the implementation.
Regards.
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.
Just released: More Okta Community badges just added
We did followed all the steps and encounter this error Message: AADSTS5007413: Authentication with external provider cannot be completed due to invalid provider discovery response.
Even if we followed the full steps provided by the guideline
It could be related to the issue mentioned in this article.
We can provide general guidance and documentation, but in-depth troubleshooting is outside of the Okta Community forum scope.
If you have an account with us and are a SuperAdmin/Case Admin, please open a case to work with my colleagues from the Support Team to investigate this further. They'll be able to access additional tools and resources to help you get to the bottom of it.
Regards.
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.
Just released: More Okta Community badges just added