Smart Link for ‘OneDrive for Business’

A post from Darren White, our lead developer.

Smart Link for ‘OneDrive for Business’

In this post Darren is going to show you how, with the aid of a Smart Link you can SSO from SharePoint to ‘OneDrive for Business’, using the OneDrive link on the top right of the ribbon.

This blog post assumes you have:

  • Federated with Microsoft Online
  • SharePoint 2013 with SP1
  • ADFS with Web Application Proxy Set-up
  • SharePoint is published externally through your ADFS Proxy (This will still work externally just without SSO)

What is a Smart Link?

A Smart Link is a name for a URL that allows you to login to a Microsoft Online service, such as One Drive for Business, using your ADFS on-premises. These types of links are also known as ‘identity provider initiated sign in links’.

What does this mean for you?

Internally users can login to their PC on-premises and using the Smart Link they can SSO into Microsoft Online. Externally users can access SharePoint and sign in with ADFS and then using the Smart Link they can also SSO into Microsoft Online.  The vanity domain name of the tenancy is passed to the identity provider rather than the standard “onmicrosoft” default.

Creating the Smart Link

First we need to create our Smart Link that will do the SSO. The basic template for Smart Link is:

https://<ADFS_URL>/adfs/ls?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=MEST%3D0%26LoginOptions%3D1%26wa%3Dwsignin1%252E0%26rpsnv%3D2 %26ct%3D1348618157%26rver%3D6%252E1%252E6206%252E0%26wp%3DMBI%26wreply%3D<Destination_URL>

  • <ADFS_URL> – This will be the URL for your ADFS. (E.G. sts.company.com)
  • <Destination_URL> – This with be a double encode URL for the destination. (E.G. https%253A%252F%252Fcompany-my%252Esharepoint%252Ecom)

So the full URL will look something like this:

https://sts.company.com/adfs/ls?wa=wsignin1.0&wtrealm=urn:federation:MicrosoftOnline&wctx=MEST%3D0%26LoginOptions%3D1%26wa%3Dwsignin1%252E0%26rpsnv%3D2 %26ct%3D1348618157%26rver%3D6%252E1%252E6206%252E0%26wp%3DMBI%26wreply%3D https%253A%252F%252Fcompany-my%252Esharepoint%252Ecom

Using the Smart Link

Now that you have the Smart Link you need to add it as a HTTP Redirect to create a vanity URL. I created a new folder within the MySite IIS Website but you might want to create a new Website. Once you decided what you want to use as your vanity URL, set the HTTP Redirect of that location as a 302 (Found) redirect to the Smart Link.

With the vanity URL in place you need to go into ‘Central Admin’ and under the ‘Office 365’ section, click the ‘Configure OneDrive and Sites links’ in the in the My Site URL box enter the vanity URL, Click OK and when you use the OneDrive link in the ribbon you should be singled signed into ‘OneDrive for Business’

 

More information about smart links can be found on this Office 365 blog: http://community.office365.com/en-us/w/sso/358.using-smart-links-or-idp-initiated-authentication-with-office-365.aspx