Office 365 SAML 2.0 Federation Implementers Guide
This paper contains instructions for solution implementers of a Microsoft cloud service who want to provide their Azure Active Directory users with sign-on validation using a SAML 2.0 compliant SP-Lite profile based Identity Provider as their preferred Security Token Service (STS) / Identity Provider (IDP). This is useful where the solution implementer already has a user directory and password store on-premises that can be accessed using SAML 2.0. This existing user directory can be used for sign-on to Office 365 and other Azure Active Directory secured resources. The SAML 2.0 SP-Lite profile is based on the widely used Security Assertion Markup Language (SAML) federated identity standard to provide a sign-on and attribute exchange framework.