SAML configuration for Outlook client

Modern authentication in Exchange Online enables authentication features like multi-factor authentication (MFA), smart cards, certificate-based authentication (CBA), and third-party SAML identity providers. Modern authentication is based on the Active Directory Authentication Library (ADAL) and OAuth 2.0.

When you enable modern authentication in Exchange Online, Windows-based Outlook clients that support modern authentication (Outlook 2013 or later) use modern authentication to connect to Exchange Online mailboxes. 

How to enable or check if modern authentication is enabled in your Office 365?

First, connect to your Office 365 Admin portal and log in with your admin account. As soon as you are logged in, you will be able to see all the different functionalities and features. In this case, you are interested in the Admin configuration.

To see if your Office 365 account has modern authentication enabled, please navigate to Organisation Settings> Modern Authentication, where you should see the availability checkbox. 

Steps for SSO flow for Outlook Client

1. Add or Login to the Outlook client.

2. Enter email ID.

3. It will redirect to the Cross Identity Login page and provide the CI credentials.

4. The following screen shows the confirmation of successful addition.

Follow the below steps for MFA-registered users:

1. Users need to reregister in All App Device\Browser.
2. Users may see the difference in the login UI.
3. While Login you'll be prompted for more information to register for MFA.
4. Follow the steps given in the attachment to register for MFA(MFA Setup Steps.doc).
   Important:

   Outlook 2013 (and Office 2013) connections to Microsoft 365 accounts are unsupported as of October 2020. You will need to upgrade to a newer version of the Office app to connect your Microsoft 365 account to Outlook.