Office
In this document you are going to set up IDmelon as an external IdP for Office.
Execute these commands in Windows PowerShell:
$cred = Get-Credential
Connect-MsolService -Credential $cred
Get-MsolDomain
Get all values for {..} from your IDmelon panel. If you are currently logged in here, you will see the replaced values instead.
$dom = "{domain}"
$uri = "{idp_issuer_uri}"
$url = "{idp_single_sign_on_url}"
$logouturl = "{idp_single_sign_on_url}"
$cert = "{idp_certificate_download_url}"
Set-MsolDomainAuthentication -DomainName $dom -FederationBrandName $dom -Authentication Federated -PassiveLogOnUri $url -SigningCertificate $cert -IssuerUri $uri -LogOffUri $logouturl -PreferredAuthenticationProtocol SAMLP
Check your SAML configuration. The following commands show the result:
$dom = "{domain}"
Get-MsolDomainFederationSettings -DomainName $dom | Format-List *
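Reading the `Format-List` output by eye makes it easy to miss a wrong URI or a signing certificate that is close to expiry. The following is an added example, not part of the original IDmelon instructions: it compares the stored federation settings with the values you intended to set and checks the certificate's validity period. `Test-IdpFederation` and the 30-day warning window are assumptions; `$dom`, `$uri`, `$url` and `$logouturl` are the variables set in the steps above.

```powershell
# Added example. Test-IdpFederation is a hypothetical helper, not an MSOnline cmdlet.
function Test-IdpFederation {
    param(
        [Parameter(Mandatory)] $Settings,             # output of Get-MsolDomainFederationSettings
        [Parameter(Mandatory)] [hashtable] $Expected, # property name -> value you configured
        [int] $WarnDays = 30                          # assumed expiry warning window
    )
    $findings = @()

    # 1. Each URI and the protocol must equal what was passed to Set-MsolDomainAuthentication.
    foreach ($name in $Expected.Keys) {
        if ("$($Settings.$name)" -ne "$($Expected[$name])") {
            $findings += "$name is '$($Settings.$name)', expected '$($Expected[$name])'"
        }
    }

    # 2. The stored signing certificate must parse and be inside its validity period.
    try {
        [byte[]] $raw = [Convert]::FromBase64String($Settings.SigningCertificate)
        $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($raw)
        $now  = Get-Date
        if ($cert.NotBefore -gt $now) {
            $findings += "Signing certificate is not valid before $($cert.NotBefore)"
        }
        if ($cert.NotAfter -lt $now.AddDays($WarnDays)) {
            $findings += "Signing certificate expires $($cert.NotAfter) (thumbprint $($cert.Thumbprint))"
        }
    } catch {
        $findings += "SigningCertificate could not be parsed: $($_.Exception.Message)"
    }
    $findings
}

# Values from the steps above; requires the session opened with Connect-MsolService.
$expected = @{
    IssuerUri                       = $uri
    PassiveLogOnUri                 = $url
    LogOffUri                       = $logouturl
    PreferredAuthenticationProtocol = 'SAMLP'
}
$issues = Test-IdpFederation -Settings (Get-MsolDomainFederationSettings -DomainName $dom) -Expected $expected
if ($issues) { $issues | ForEach-Object { Write-Warning $_ } } else {
    Write-Host "Federation settings for $dom match the intended values."
}
```

Running the same check on a schedule shows when a domain's federation settings no longer match what was configured here.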
You need to set the ImmutableID for your current user.
Example of the users.csv file:
UserPrincipalName
Load CSV
$csvFile = Import-Csv C:\idmelon\users.csv -Delimiter ";"
Create arrays for skipped and failed users
$SkippedUsers = @()
$FailedUsers = @()
Loop through CSV records
foreach ($item in $csvFile) {
    $upn = $item.UserPrincipalName
    $UserPrincipalName = (Get-MsolUser -UserPrincipalName $upn | select UserPrincipalName).UserPrincipalName
    $objectID = (Get-MsolUser -UserPrincipalName $upn | select ObjectId).ObjectId.Guid
    if ($UserPrincipalName) {
        try {
            # -ErrorAction Stop makes a failed update reach the catch block
            Set-MsolUser -UserPrincipalName $UserPrincipalName -ImmutableId $objectID -ErrorAction Stop
        } catch {
            $FailedUsers += $upn
            Write-Warning "$upn user found, but FAILED to update."
        }
    } else {
        Write-Warning "$upn not found, skipped"
        $SkippedUsers += $upn
    }
}
Show result
Get-MsolUser -all | Select-Object UserprincipalName,objectID,ImmutableID
Passwordless
Open Azure directory admin.

Click on users.

Choose a user.
Click on Authentication methods.
Delete Authentication method option.

API Token
From the side menu, navigate to the App registrations menu and click New registration.

Enter the desired name for your Application.
Then from Supported account types select who can use your API.
Tip: for more information about the choices, select Help me choose....
Click Register.

You can then see your API information, which you have to copy and send to IDmelon.
Copy Application (client) ID.
Copy Directory (tenant) ID.
Then, to access the client secret, click Add a certificate or secret in the Client credentials field.

From the Certificates & secrets panel, click New client secret:
Enter the desired description for your client secret.
Click Add.

Finally, copy your client secret from the Client credentials field.

Please send this information to IDmelon in order to get your users from the Office panel.