Single Sign-On experience for Microsoft Office applications

Documents can be opened in applications such as Word, Excel or PowerPoint by clicking on a document link in SharePoint. Without any additional configuration, each time the user does this, a login page is presented by Airlock IAM instead of the requested document. Unfortunately, the Microsoft Office applications do not know how to react to the Airlock IAM login page, signing in is not possible.

To have a Single Sign-On experience (SSO), the Airlock Gateway session cookie needs to be made persistent. This can be either achieved by configuring the Airlock Gateway session cookie as persistent, or by deploying the Airlock add-on module Secure Session Transfer (SST).

MEDIUM – For productive environments, Ergon recommends using Airlock Secure Session Transfer (SST) rather than configuring a fixed expiry date for the Airlock Gateway session cookie.

Chapter-related prerequisites

  • The previously described configuration steps have been carried out.
  • Configuration takes place in Airlock Gateway.
  • You must be logged in as an admin in the Airlock Gateway Configuration Center.