Single sign-on behavior on a device that uses Office 365 apps

Information about configuring an account on a device when single sign-on is enabled.

Users can directly access apps that use single sign-on without entering their password. However, users must manually authenticate with one of the apps like Office 365 Mail, SharePoint, RMS, or OneDrive by using username and password.

When a user signs in to an app, MaaS360 generates a token and uses that token to authenticate with other apps that are configured for single sign-on.

Notes:
  • MaaS360 does not store passwords.
  • MaaS360 only stores authentication tokens and uses those tokens for subsequent logins.
  • MaaS360 ensures that tokens are automatically refreshed when they expire. If a password has changed in the cloud, users must authenticate again using the new password.
The following is an example of single sign-on behavior on the device for a new user:
  1. In the initial account configuration screen, click Sign in.

    The authentication screen that is configured by the administrator is displayed.

  2. Enter username and password.

    If authentication is successful, users can directly access email and doc resources without typing passwords.

  3. When users open email or doc resources, a Single Sign-On window is displayed. By default, the enrollment email ID is automatically displayed, but users can clear that email ID and provide the email ID that is registered for Office 365.