Not sure where to ask this question....
We are moving our student email to Office 365. The Office 365 domain
has been federated to Access Manager via SAML2 protocol (as described in
the Access Manager documentation). This is the only configuration that
we have done. Some Office 365 accounts have been created (using the
Office 365 driver for Identity Manager) and SSO is working as expected,
in the main. However, during tests, when we choose to edit a document
using the full Word app (not online Word) the user is requested to
authenticate again so we see the Access Manager login page again. This
seems to happen whether or not we are logged into the PC as that user or
not. I'm NOT surprised by this as Word is not a web application and
does not see the Access Manager session and, there is no trust between
the local AD and Azure AD. It seems that we need to do more
configuration but I am not sure what needs to be done in order to allow
students to edit documents without authenticating again. Does any one
have any experience of this?

sttennant's Profile: https://forums.netiq.com/member.php?userid=389
View this thread: https://forums.netiq.com/showthread.php?t=55083