Adding a SAML Application for Exchange Mailbox Agent End-User Recovery

Applies to: Office 365 with Exchange Using Azure AD, User Mailbox

After you register the application using Azure AD, integrate with Azure AD by adding a SAML application in the Command Center.

Before You Begin


  1. In the Command Center, from the navigation pane, go to Security > Identity servers.

    The Identity servers page appears.

  2. Click Add SAML app.

    The Add SAML App dialog box appears.

  3. To upload the IdP metadata XML file, in the open Add SAML App dialog box, do the following:
    1. Next to Upload IDP metadata, click Browse.
    2. Select the IdP metadata XML file that you downloaded from the Microsoft Azure portal.
    3. Under Generate new SP metadata, next to Upload key store file, click Browse.
    4. Select the .jks (Java keystore) file that you created, and then click Open.
    5. Type the corresponding information for the .jks file.
    6. Complete the application, and then click Save.
  4. Add an identity redirect rule:
    1. On the Identity servers page, click the SAML application that you created.
    2. Under Identity redirect rule, click Add identity redirect rule.

      The Add identity redirect rule dialog box appears.

    3. Optional: In the Domain name box, type a domain name.
    4. In the Associated SMTP box, type the SMTP address of the domain, and then click Add.
  5. Under General, copy the single sign-on URL, and then record it.
  6. From the navigation pane, go to Security > User groups, and then add your user group.

What to Do Next

In Azure AD, replace the Web Console URL with the single sign-on URL that you recorded in the Command Center.

Last modified: 7/25/2018 5:44:43 PM