I am writing an app that connects to Office 365 to pull the user's newest X emails and show them as a preview on their dashboard.
What I have is:
- User loads the page.
- Logs them in via ADFS SSO.
- Redirects back to the dashboard.
- Redirects to the Office 365 login (via my OAuth script - https://login.windows.net/common/oauth2/authorize, resource: https://outlook.office365.com/, state: MD5 ID, login_hint = urlencoded email, WHR = adfs.domain.com (not right)).
- The email address is pre-populated; they have to TAB out of the email field, and are redirected back to their ADFS server before entering a password.
- ADFS confirms login and redirects to their dashboard - shows email.
From what I understand after reading the resources below, I can pass the WHR param, which will bypass the Azure login.
http://msdn.microsoft.com/en-us/library/gg185963.aspx
Here is an example:
https://login.windows.net/common/oauth2/authorize?
resource => https://outlook.office365.com/
login_hint => urlencode(email)
WHR => https://adfs.domain.com/
state => uuid
[UPDATED workflow] Thanks.
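
An added example, not part of the original post: building the authorize request described above and checking `state` on the redirect back, using a random per-session value rather than an MD5 or UUID id. `client_id`, `redirect_uri`, `response_type=code` and all sample values are assumptions (placeholders); `whr` is passed through exactly as the post lists it, without any claim about how the endpoint treats it.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHORIZE_ENDPOINT = "https://login.windows.net/common/oauth2/authorize"  # from the post
RESOURCE = "https://outlook.office365.com/"                               # from the post
CLIENT_ID = "00000000-0000-0000-0000-000000000000"          # placeholder (assumption)
REDIRECT_URI = "https://app.example.com/dashboard/callback"  # placeholder (assumption)


def new_state():
    """Unguessable per-login value; store it in the user's server-side session."""
    return secrets.token_urlsafe(32)


def build_authorize_url(client_id, redirect_uri, email, state, whr=None):
    """Build the authorize URL; urlencode() encodes every value exactly once."""
    params = {
        "response_type": "code",  # assumption: authorization code flow
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "resource": RESOURCE,
        "login_hint": email,      # pass the raw address, do not pre-encode it
        "state": state,
    }
    if whr:
        params["whr"] = whr       # as listed in the post; effect not verified here
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def verify_callback(callback_url, expected_state):
    """Return the authorization code only when state matches the session value."""
    query = parse_qs(urlsplit(callback_url).query)
    returned = query.get("state", [""])[0]
    # Constant-time compare on bytes; reject when no state was issued at all.
    if not expected_state or not hmac.compare_digest(
        returned.encode(), expected_state.encode()
    ):
        raise ValueError("state mismatch: discard this response")
    if "error" in query:
        raise ValueError("authorization failed: " + query["error"][0])
    codes = query.get("code")
    if not codes:
        raise ValueError("no authorization code in response")
    return codes[0]
```

The state check runs before anything else in the callback is trusted, so a response that was not started from the user's own session is dropped before the code is exchanged.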