Off-The-Job changes in line with the ESFA Funding Rules 2022/23

Click here to see our planned changes to support the new funding rules. Get involved by upvoting, commenting and following the topic to receive updates!

Scheduled Maintenance: Saturday 8th October 2022 - 07:00-07:30am

On Saturday morning, we're carrying out server maintenance. 

Please ensure you have saved any work and have logged out prior to 7:00am to avoid any potential loss of data.

Help centre

Submit a ticket Log in

Microsoft Azure AD

When a user browses to the OneFile login page, they have the option of signing in 3 different ways based on what has been configured: 

  • Username and Password
  • Microsoft 365 (formerly Office 365)
  • Facebook

Microsoft 365 and Facebook must be setup by each individual user once the relevant button has been clicked on the login page.

All our users from all the organisations we work with, access our products through the same single login page. We do not know who they are or where they are from before they login.

The user is therefore presented with a login page containing the different options available:
Username or Keychain Email 
Login area 
O Facebook 

To log in using Microsoft 365, the user can click the Microsoft button, and this starts the login journey to Microsoft.

It should be noted that this is using the Microsoft 365 generic/multi-tenant login page rather than a specific organisations tenant login page.

If the user is not signed into Microsoft Office365 at that time, then they will be prompted to login, as shown below:

Sign in 
mail address, phone number or Skype 
No account? Create one! 
Can't access ├čur account? 
options

However, if the user is already logged in to Office365  (and assuming the OneFile Microsoft App has consent, see below) then the user is returned to OneFile and logged in.

Microsoft/OneFile consent

Depending on how your organisation has configured Microsoft 365, you may need to give Microsoft/OneFile consent, or you may need your IT team to approve the app.

External guidance from Microsoft can be found below:

High Level Overview

  1. The user clicks the link to login using Microsoft 365 and they are taken to the Microsoft 365 system
    1. If they are not logged in then they are prompted to login and then redirected back to OneFile
      • the user or the users organisation may need to approve the Microsoft OneFile "App"
    2.  If they are logged in then the user is redirected to OneFile and logged in

Technical Details

The following guide contains more technical information on our implementation of Single Sign-on with Microsoft:

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.