Recently Microsoft announced the release of updates to Office 2013 clients and Office 365 to support new authentication flows enabled by the Active Directory Authentication Library (ADAL). Now this article is a little confusing so what does this actually mean?
For a long time Outlook has been the black sheep of the Microsoft client stack in terms of supporting true single sign on with Office 365. Customers have deployed complex ADFS environments seeking the best user experience to find that whilst Lync, Office & passive web browsers benefited with single sign on Outlook would fall back to Basic authentication prompting users for their UPN & password on profile creation or password change. This left some customers wondering why they had deployed ADFS and begged the question why Outlook arguably the most used client application didn’t support single sign on.
Good news the new authentication flows finally resolve this issue and Outlook 2013 will support true single sign on when deployed with ADFS. This update is currently listed as rolling out on the Office 365 roadmap so keep an eye open for these changes being deployed to your tenant soon.