If you are federating EmpowerID with Office 365 and using the Outlook Rich Client, you need to enable modern authentication for Exchange Online. Modern authentication is a Microsoft implementation that enables Office client applications to integrate with third-party Identity Providers using OAuth. This topic demonstrates how to configure Exchange Online to allow federated users to use the Outlook Rich Client.
Prerequisites
You must have a licensed corporate Office 365 account, connect EmpowerID to Office 365, and set up SSO with Office 365.
To configure Exchange Online for Modern Authentication
- Run Azure AD PowerShell module as an administrator.
Run the following cmdlet to create a credential object:
$credential = Get-Credential
- In the Credentials window that appears, type the username and password for an Office 365 global administrator and click OK.
Once you have connected, run the following cmdlet to create a remote PowerShell session with Exchange Online:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $Cred -Authentication Basic -AllowRedirection
Run the following cmdlet to set the session with Exchange Online:
Import-PSSession $Session
Run the following cmdlet to enable Modern Authentication for Exchange Online:
Set-OrganizationConfig -OAuth2ClientProfileEnabled:$true
Run the following cmdlet to check that Modern Authentication for Exchange Online has been enabled:
Get-OrganizationConfig | ft name, *OAuth*
Run the following cmdlet to close the session:
Remove-PSSession $Session