How to switch between Single Sign-On (SSO) providers
Overview
This article explains the process of switching the SSO provider for the Insight Personal Archive Microsoft Outlook VSTO Add-in (PAOutlookVstoAddIn) between Azure and Okta. The process uses the Set-SsoProvider.ps1 PowerShell script to update the deployed configuration file.
Prerequisites
Before you begin, ensure that the following requirements are met:
- The PAOutlookVstoAddIn is already deployed.
- Access to the configuration file in the ClickOnce Apps folder (%LOCALAPPDATA%\Apps\2.0) is available.
- The OktaInstallSettings.txt file is available in the same folder as the PowerShell script.
Procedure: Switching to Okta
- Close Outlook before switching the SSO provider to Okta. (This ensures that the updated configuration is applied when Outlook restarts.)
- Open PowerShell and run the .\Set-SsoProvider.ps1 script. When prompted, enter 2 to select Okta.

As a result, the following actions occur:
- The script updates the deployed configuration file using settings from OktaInstallSettings.txt.
- The following configuration keys are updated based on the PAOutlookVstoAddIn Okta setup. For example:
<add key="SSOProvider" value="OKTA" />
<add key="Okta_Domain" value="https://dev-47544291.okta.com" />
<add key="Okta_ClientId" value="0oanp3azxgjeqcLz55d7" />
<add key="Okta_RedirectUri" value="http://localhost:5000/authorization-code/callback" />

- A backup of the original configuration file is created with a .bak extension.
Procedure: Switching to Azure
- Close Outlook before switching the SSO provider to Azure. (This ensures that the updated configuration is applied when Outlook restarts.)
- Open PowerShell and run the .\Set-SsoProvider.ps1 script. When prompted, enter 1 to select Azure.

As a result, the following actions occur:
- The following configuration keys are updated based on the PAOutlookVstoAddIn Okta setup. For example:
<add key="SSOProvider" value="AZURE" />

- A backup of the original configuration file is created with a .bak extension.
Verification
- After switching to the required SSO provider, restart Microsoft Outlook to load the updated configuration.
- Confirm that the login prompt reflects the selected SSO provider (Azure AD or Okta). The Azure or Okta log-in page appears.
- Enter your credentials to sign in. Ensure that the authentication is successful.
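The result of a switch can also be checked by reading the deployed file directly, without starting Outlook. The following PowerShell is an added example, not part of Set-SsoProvider.ps1 or the product. It assumes the keys shown above sit under <appSettings> in a *.config file below %LOCALAPPDATA%\Apps\2.0; the function name Test-SsoConfig is hypothetical.

```powershell
# Added example: read-only check of the deployed configuration after a switch.
# Assumption: the keys sit under <configuration><appSettings> in a *.config file.
function Test-SsoConfig {
    param([Parameter(Mandatory)][string]$Path)

    # Skip files that cannot be read or are not well-formed XML.
    try { [xml]$xml = Get-Content -LiteralPath $Path -Raw -ErrorAction Stop } catch { return }
    $settings = @{}
    foreach ($node in $xml.SelectNodes('/configuration/appSettings/add')) {
        $settings[$node.GetAttribute('key')] = $node.GetAttribute('value')
    }
    if (-not $settings.ContainsKey('SSOProvider')) { return }   # not the add-in's file

    $issues = @()
    $provider = $settings['SSOProvider']
    if ($provider -notin 'AZURE', 'OKTA') { $issues += "Unexpected SSOProvider '$provider'" }

    if ($provider -eq 'OKTA') {
        foreach ($key in 'Okta_Domain', 'Okta_ClientId', 'Okta_RedirectUri') {
            if ([string]::IsNullOrWhiteSpace($settings[$key])) { $issues += "$key is missing or empty" }
        }
        $uri = $null
        # The Okta domain should be an absolute URL reached over TLS.
        if (-not ([uri]::TryCreate($settings['Okta_Domain'], [UriKind]::Absolute, [ref]$uri) -and
                  $uri.Scheme -eq 'https')) {
            $issues += 'Okta_Domain is not an absolute https URL'
        }
        # The authorization-code callback should stay on the local machine.
        if (-not ([uri]::TryCreate($settings['Okta_RedirectUri'], [UriKind]::Absolute, [ref]$uri) -and
                  $uri.IsLoopback)) {
            $issues += 'Okta_RedirectUri is not a loopback address'
        }
    }

    # The article says a .bak copy is created; its exact name is not given, so look for any.
    $backups = @(Get-ChildItem -LiteralPath (Split-Path -Parent $Path) -Filter '*.bak' -File)
    [pscustomobject]@{
        ConfigFile  = $Path
        SSOProvider = $provider
        BackupFound = $backups.Count -gt 0
        Issues      = if ($issues) { $issues -join '; ' } else { 'none' }
    }
}

$appsRoot = Join-Path $env:LOCALAPPDATA 'Apps\2.0'
Get-ChildItem -LiteralPath $appsRoot -Recurse -Filter '*.config' -File -ErrorAction SilentlyContinue |
    ForEach-Object { Test-SsoConfig -Path $_.FullName } |
    Format-List
```

More than one file may be reported if several deployed copies of the add-in exist under the Apps folder.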
Troubleshooting
- If the script cannot locate the configuration file, ensure that the add-in is installed.
- If switching to Okta fails, ensure that OktaInstallSettings.txt exists in the script folder and contains valid values.
- Always run Set-SsoProvider.ps1 in PowerShell with administrative privileges.
Known Limitation:
Personal Archive session expiration with Okta SSO: When the Personal Archive session expires, the existing Personal Archive page in Outlook may remain open but become inactive. To re-establish the session, close the existing Personal Archive frame and relaunch the add-in.