Some individuals have secondary Microsoft accounts in M365 tenants other than their primary. To access those accounts we use our primary Okta identities to authenticate.
Instructions
When signing into Microsoft resources with your secondary account:
- Enter your secondary email address when initially prompted by Microsoft to sign in
- Microsoft will redirect to Okta for authentication
- Enter your primary Okta username (your primary email address)
- Note: it may prefill your username in Okta with the username of your secondary account - replace this with your Okta username
- Enter your Okta password & complete any Multi-Factor Authentication (MFA) as prompted
- You'll be redirected to Microsoft, authenticated to your secondary account
Browser Sessions
You'll want to open a separate browser session to access a secondary Microsoft account. That can be accomplished by opening an incognito (Chrome) or an in-private (Edge) browser window. You can also setup a separate browser profile (Microsoft instructions on browser profiles in Edge).
Example Scenario:
Joe Jones (joe.jones@wilksbrothers.com) with the Wilks Brothers Accounting Department needs to access a shared mailbox in the Carbo M365 tenant. Since shared mailboxes can only be accessed by accounts in the same tenant, the IT Dept. creates a joe.jones@carbo.tech account.
To open the new mailbox in a web browser, Joe opens a incognito (Chrome) or in-private (Edge) window and navigates to https://outlook.office.com. Microsoft prompts for sign-in & Joe enters joe.jones@carbo.tech. Microsoft forwards Joe to Okta for authentication - it may even pre-fill the username as joe.jones@carbo.tech. However, Joe needs to authenticate using his Okta identity - joe.jones@wilksbrothers.com, so he enters that for his username. His password and multi-factor authentication methods are unchanged - he only has the one Okta identity.
Okta is configured to grant Joe access to new email account joe.jones@carbo.tech. Once he's authenticated through Okta he's sent back to Outlook and is now successfully signed into his new email. Shared email accounts will appear under his personal email.