Appendix: Office 365 Access Continuity for SafeNet Trusted Access
This section focuses on ensuring continuous access to Office 365 if SafeNet Trusted Access becomes unavailable, whether due to known or unknown reasons. This is achieved by utilizing switch-over use cases for the Office 365 application with the SAS PCE enterprise continuum.
Note
By configuring the Continuum use case for Office 365, users will be able to switch authentication between STA and SAS PCE, or vice versa. The user login experience will remain largely unchanged, as detailed here.
- SAS PCE End-User Flow
- STA End-User Flow
An Enterprise SAS PCE customer can set up Office 365 login so that authentication can be switched with a few simple steps.
For more details, refer to the Switch Authentication Flow between STA and SAS PCE section on Thalesdocs.
However, for Office 365, the following additional steps are required to be performed after adding SafeNet Trusted Access as an identity provider in SafeNet Access Exchange:
-
On the respective realm console, in the left pane, click Identity Providers and then in the right pane, click on your identity provider (for example, oidc), which is already added in SafeNet Access Exchange. For steps to add an identity provider, refer to the Identity Provider Configuration (STA) on Thalesdocs.
-
Under Provider details, go to the Mappers Tab, and click Add mapper.
-
Under Add Identity Provider Mapper, add the immutableId and Timestamp attributes using the corresponding field values mentioned in the below table.
Name Sync mode override Mapper type Claim User Attribute Name immutableId Legacy Attribute Importer immutableId immutableId Timestamp Legacy Attribute Importer Timestamp Timestamp -
Click Save.
Note
In this section, mapping is created to ensure that incoming attributes, provided as claims from SafeNet Trusted, are captured in SafeNet Access Exchange.
It is mandatory to add the same attributes as claim or Return Attributes while adding the application in STA. Refer to the below screenshot.