IdPv3 authenticating against Office 365

Yan Juras yan.juras at
Wed May 18 18:04:02 EDT 2016

Hi all.

First, my thanks to everyone who contributes here; your answers and comments have been extremely useful to me.

Queens College is part of the City University of New York. At present, our local Active Directory has accounts for our employees (faculty and staff) and also for our students. We're used IdPv2 for a few years (someone else set it up) and I've recently spun up IdPv3 (v3.2.1) to replace the older system. The new IdP is working well using our AD for authentication and attributes. Our student email system is Office 365, which is centrally managed by the University, including account provisioning and password management; I have some admin access to Office 365, but it is effectively read only.

I've been asked to explore using Office 365  as an authentication and attribute source for our IdP so that we can move away from needing to provision and maintain accounts for our students. Ideally, I'd like to authenticate using the Office 365 username and password, and be able to pull a basic set of attributes from Office 365 (givenName, sn, displayName, email/eppn) for use/release by the IdP.

Is anyone aware of a way to do this?

I've tried searching for something that uses POP3 to do the authentication but pretty much everything is about using an IdP to authenticate POP3 rather than the reverse.

Yan Juras, Manager of Systems Engineering, Office of Information Technology
Queens College / Flushing NY 11367 / (718)997-5906 / FAX: (718)997-5678
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list