Perform the following steps to test browser-based access to Office 365 applications such as the team portal.
- Open a browser window and navigate to Office 365.
- In the sign on window, in the User ID field, specify the address of a user that has been synchronized.
- Click the Sign in at <your federated domain brand name> link.
- When presented with a sign on form, enter the credentials of the user and click Submit.
Your browser should be redirected to the Office 365 team portal, and you should be logged in. If you receive an error stating that the user does not have a license to use Office 365, check that the user has been allocated a license. You might also need to grant the user rights if you are testing SharePoint Online. After making these changes, retest.
To test access to the federated instance of Office 365 using Microsoft Outlook or some other client that supports POP3 or IMAP4, follow the instructions specific to the application you are using. To find the server settings you need to configure the client in Office 365, see POP, IMAP, and SMTP settings for Outlook.com in the Microsoft Outlook documentation.
After you find the correct POP/IMAP server settings and configure your client, try to send and receive email. This should trigger a prompt for a password. This password relays back to PingFederate through WS-Trust, so monitor its log files for activity. If you do not see any, and receive an error in your email program about the password not being valid, the SSL certificate that PingFederate is using is probably self-signed. Check that this SSL certificate is signed by a CA that Microsoft trusts and then retest.