Search Knowledge Base by Keyword
This article will guide you on the installation of the WinKK Passport authentication for Office 365.
WinKK Passport Configuration
Open passport.winkk.com/partner, login with your profile, and open the Applications tab.
- Add a new application
- Name – doesn’t matter,
- URL – The root URL of the AD FS proxy website (with protocol prefix https://, with port (if not default), without redirect page address).,
- Interface – WinkkAuth,
- Authentication type – doesn’t matter,
- Secret – check Generate new secret key
- Click Save.
- After these steps the application id will be generated and located in the application’s page header:
Winkk Passport Active Directory Federation Services Installation
The installation process is described in the Active Directory FS Integration guide.
Deploying Active Directory Federation Services Infrastructure and Establishing Trust Relationships
Active Directory Federation Services (AD FS) provides simplified, secured identity federation and Web single sign-on (SSO) capabilities. Federation with Azure Active Directory (Azure AD) enables users to authenticate using on-premises credentials and access all resources in cloud. Because of using by Azure AD and Office 365 same authentication scheme, this federation allows SSO to Office 365 services both. As a result, it becomes important to have a highly available AD FS infrastructure to ensure access to resources both on-premises and in the cloud. Deploying AD FS in Azure can help achieve the high availability required with minimal efforts. There is the article described deploying AD FS infrastructure in Azure Cloud.
If your case does not propose using Azure Cloud infrastructure, but you have on-premises Active Directory and still want to set up trust relationships between your domain and Azure AD-based services you will need to deploy your on-premises AD FS first. To do this you should have at least Windows Server 2012 R2 release and there is the link described deployment guide.
After deploying AD FS, you have two cases: configure it by using Azure AD Connect (you could download it from portal.azure.com in the section “Azure Active Directory”) or configure it manually according to this article and then set up trust between AD FS and Azure AD by PowerShell cmdlets described in this article.
When you establish trust relationships with Microsoft services successfully, a record “Microsoft Office 365 Identity Platform” should appear in your ADFS Management console:
In minimal configuration, you will need one AD FS server, which have external internet route to 443 port.
Log In Procedure
If actions described above were performed, you can log in with Winkk Passport into the Office 365 website.
- Go to the Office 365 website and click “Sign In”.
- On the login page type your Office 365 domain e-mail and click “Next”.
- It will redirect you to the WINKK SSO Environment Log In Page. Click “Sign In via Winkk Auth”.
- CypherEye page will appear. Scan it with the Winkk Passport mobile app. Choose or create profile with validated e-mail. Profile should have profile name and e-mail, no other data is required to be specified.
- It will provide you with the screen. Type your credentials and tap “Accept”.
- After it you will be logged into the Office 365 with your domain e-mail.