View Source

In the DualShield Admin Console, navigate to "SSO | Service Providers"

Create Service Provider

On the toolbar, click the "Create" button

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2021-8-31_0-20-23.png

Fill in the form as below:

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2022-1-25_23-52-1.png

Now, click the "Attributes" tab

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2021-8-31_0-32-30.png

We are going to add 3 SAML attributes

The first attribute is "UPN"

Map it to userPrincipalName.

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2022-1-26_0-15-18.png

The second attribute is "ImmutableID",

use script to map it to: userID.decodeHex().encodeBase64().toString()

The third attribute is "username"

Map it to: loginName.

For this attribute, select "URL Path" as the location and enable the "Get Input" option

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2022-1-26_0-7-47.png

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2022-1-26_0-18-22.png

Now, click the "General Settings" tab

change NameIDFormat to "Map to the following attribute", and Attribute to "ImmutableID".

DualShield MFA Platform > Add Office 365 as a WS-Federation Service Provider in DualShield > image2022-1-26_0-10-0.png

Finally, click "Save"