使用办公室加载项,SSO资源设置SSO”。由于域不匹配而无法使用
我正在尝试使用我的办公室加载项实现SSO。为此,我使用的是Office IdentityApi,它要求您拥有一个应用程序ID URI,该应用程序具有一些限制(例如您拥有该域并进行了验证)。使用MS LINGO,我们拥有 www.contoso.com 和 www.contoso.com/ {appid} ,如文档中所建议。但是,我的加载项被托管在Azure静态存储上,该存储的域 www.contoso。 z12.web.windows.net ,这与appid uri不同。这意味着在尝试使用此设置时,我会在问题中遇到错误。将appid uli更改为静态网站上的域行不通的域。有人有任何建议吗?
I am trying to implement SSO with my office add-in. To do this, I am using the office IdentityAPI, which requires you to have an application ID URI, that has some restrictions (such as you owning the domain and it being verified). Using MS lingo, we own www.contoso.com and www.contoso.onmicrosoft.com, so I have set up the AppID URI to be www.contoso.com/{appId}, as is suggested in the documentation. However, my add-in is being hosted on Azure static storage, which has a domain www.contoso.z12.web.windows.net, which is different to the the AppID URI. This means that I get the error in the question when trying to use this setup. Changing the AppID URI to the domain that the static website is on does not work. Does anyone have any suggestions?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您需要使用有效的证书在自定义域上托管加载项。 Azure AD Services不接受公共Azure网站。这是将SSO与Azure AD一起使用的众所周知的限制。
SSO配置页面上的错误应明确说明。
You need to host the add-in on the custom domain with a valid certificate. Public Azure web sites are not accepted by the Azure AD services. This is a well-known restriction for using the SSO with Azure AD.
The error on the SSO configuration page should state that explicitly.