Federated users can't access Office 365, Intune, or Azure resources as a different user


A federated user can't access Office 365, Microsoft Intune, or Microsoft Azure as a different federated user. If the federated user logs on to the corporate Active Directory Domain Services as a different federated user, he or she is automatically signed in to Office 365, Intune, or Azure as the original federated user and isn't prompted to enter credentials of a different federated user. 


Use the Run as command in Windows to run a program from which Office 365, Intune, or Azure resources will be accessed by using alternate credentials.


This behavior is by design. Consider the case when single sign-on (SSO) uses Integrated Windows authentication to authenticate to Active Directory Federation Services (AD FS). In this case, SSO always uses the domain user context instead of any alternate user identity that's provided to Azure Active Directory (Azure AD).

Still need help? Go to Microsoft Community or the Azure Active Directory Forums website.

Article ID: 2643588 - Last Review: Dec 28, 2016 - Revision: 1

Microsoft Azure Cloud Services, Microsoft Azure Active Directory, Office 365, Microsoft Intune, CRM Online via Office 365 E Plans, Microsoft Azure Recovery Services, Office 365 Identity Management