• Download our FREE True Price of Office 365 Whitepaper
  • Give us a call: 877-788-1617

    Stay in the know with the MessageOps newsletter:

    Creating AD FS “Smart Links” for transparent SSO experience

    Let’s say we have an Active Directory Federation Services customer who no longer wants his users to have to do the following to access O365:

    1. Go to portal.microsoftonline.com
    2. Type in their username
    3. Get redirected back to AD FS
    4. Type their username and password again
    5. Log into the service

    What if we could just give a user a custom single link to use, where they would never even have to type in an O365 URL?

    Well, we certainly can! These are called AD FS Smart Links, and we can configure them to help provide a better AD FS experience.

    Ref: http://www.microsoft.com/en-us/download/details.aspx?id=28971 (6.4 – Smart Links)

    Let’s create an example Outlook Web App seamless URL.

    We’ll take our OWA Redirect URL:


    The highlighted text we’ll replace with our AD FS service name (e.g. sts.contoso.com, the DNS object that points to the AD FS server)


    Now, we’ll create a DNS CNAME object for our vanity domain.

    Owa.contoso.com POINTS TO https://outlook.com/owa/sts.contoso.com


    Now when a user  wants to log into OWA< all they have to do is

    1. Browse to owa.contoso.com
    2. Internally, they will be logged into automatically. Externally, they’ll hit their own AD FS page, without worrying about O365 Portal Redirection. (The ADFS page can also be fully customized with their own corp branding)
    3. The user never sees an O365 Link until they hit their mailbox.

    Ready to get started? Contact us today to learn more.