Configuring with Thru Ticket Server SSO
Thru users can authenticate using corporate SSO configurations. However, Thru AD Sync Ticket Server and Azure AD and Oauth are the only configurations that support user authentication via SSO in the Thru Outlook add-in. SAML2.0 SSO such as ADFS, Onelogin, and Okta will not work with the Thru Outlook Add-in (unless via Azure AD or Oauth).
This chapter describes the steps for activating Thru Outlook Add-In authentication using SSO with Thru’s Ticket Server.
The Thru.config file on the user’s desktop must be modified to enable SSO instead of the default setting with native password authentication.
The config file can be found in the system folder C:\Program Files (x86)\THRU.
The file must be edited as Administrator. The following parameters in the config file need to be modified.
;; AuthMode
;; Defines Thru authentication mode.
;; Available values:
;; 'Password-based': Direct authentication at Thru server with a username and password
;; 'Single sign-on': Integration with Active Directory via Thru Identity Synchronization Service that creates users and Single Sign-On authentication via Thru Ticket Server.
;; 'SSO on demand': Integration with Active Directory and Single Sign-on authentication via Thru Ticket Server. Users are created on demand.
;; 'AzureAD': Integration and single sign-on via Azure Active Directory. Users are created on demand.
;; Default value: Password-based
AuthMode=Password-based
;; --------------------------------
;; --- Thru Connection Settings ---
;; --------------------------------
;;
;; TicketServerUrl
;; Defines the URL of the Thru. Ticket server to use for Single sign-on. This is the URL
;; of the internal webserver where the Thru Ticket Server Web Service is installed.
;; TicketServerUrl is only applicable when AuthMode is 'Single sign-on'.
;; Preset value: <undefined>
;
; TicketServerUrl=https://<Server Name>/<Ticket Server Web Site Name>