Products
Our platforms secure all types of identity from AI agents to your customers, employees, and partners.
Skip to content
Agentic AI Security
Identity & Access Management
Privileged Access Management
Identity Threat Detection & Response
Customer Identity & Access Management
Identity Governance & Administration
Integrations
Solutions
Okta is the neutral, powerful, and extensible platform that puts identity at the heart of your stack.
Customer Success Stories
Developers
Okta and Auth0 deliver flexible, secure access. Build fast with our extensible platforms for customers, workforce, and non-human identities.
Company
Our platforms secure all types of identity from AI agents to your customers, employees, and partners.
About Okta
Careers & community
Values & Impact
Products
Our platforms secure all types of identity from AI agents to your customers, employees, and partners.
Agentic AI Security
Identity & Access Management
Privileged Access Management
Identity Threat Detection & Response
Customer Identity & Access Management
Identity Governance & Administration
Integrations
Solutions
Okta is the neutral, powerful, and extensible platform that puts identity at the heart of your stack.
Customer Success Stories
Developers
Okta and Auth0 deliver flexible, secure access. Build fast with our extensible platforms for customers, workforce, and non-human identities.
Company
Our platforms secure all types of identity from AI agents to your customers, employees, and partners.
About Okta
Careers & community
Values & Impact
As the leading independent provider of enterprise identity, Okta integrates with more than 5000 cloud applications out-of-the-box. These cloud applications are accessible from Internet and hence are regularly targeted by adversaries. Okta’s security team sees countless intrusion attempts across its customer base, including phishing, password spraying, KnockKnock and brute-force attacks. They continuously monitor and rapidly respond to these attacks to protect customer tenants and the Okta service. The most commonly targeted application for these attacks is Office 365, a cloud business productivity service developed by Microsoft.
Okta’s customers commonly use a combination of single sign-on (SSO), automated provisioning, and multi-factor authentication (MFA) to protect their Office 365 tenants against the aforementioned attacks. However, Office 365 uses several authentication methods and access protocols, including some authentication methods and legacy authentication protocols that do not support MFA in their authentication flow. It has become increasingly common for attackers to abuse these legacy authentication protocols to compromise business email accounts.
This document covers the security issues discussed above and provides illustrative guidance on how to configure the Office 365 application with Okta to bridge the gap created by lack of MFA for Office 365. This information is based on internal research performed by the Okta security team and does not constitute a replacement for Okta documentation addressing Office 365 configuration for Okta.
Topics
- Access Control
- Automation
- Cloud Security
- IAM
- Phishing
- Secure Access
- Security
- Okta Workforce Identity
- Enterprise Federation
- Adaptive MFA
- Authentication
- Multi-Factor Authentication
- Single Sign-On
- Whitepaper
- Whitepaper