Configuring Azure Active Directory join from Microsoft 365 application
You can configure Azure Active Directory join from Microsoft 365 application in the IBM® Security Verify administration console.
Before you begin
- Configure the device settings in the Azure portal to register your devices with Azure Active Directory. For more information on configuring device settings, see Manage device identities by using the Azure portal.
- Create a custom domain in the Azure portal and verify that the custom domain is valid in the Azure Active Directory. For more information on creating a custom domain, see Add your custom domain name using the Azure Active Directory portal.
- Set up a federated Azure Active Directory custom domain with IBM Security Verify. The following federation service
end points are provided by IBM Security Verify:
Endpoint Example IssuerUri https://<tenant-hostname>/wsf/sps/wsfedip/wsf PassiveLogOnUri https://<tenant-hostname>/wsf/sps/wsfedip/wsf ActiveLogOnUri https://<tenant-hostname>/wst/SecurityTokenService13 MetadataExchangeUri https://<tenant-hostname>/wsf/sps/mex LogOffUri https://<tenant-hostname>/idaas/mtfim/sps/idaas/logout - Select the attribute from the IBM Security Verify user account that is used as
ImmutableID
in Azure Active Directory and provision users into Azure Active Directory.
For more information on Azure Active Directory join, see Plan your Azure Active Directory join implementation.