Hosted Email Security allows you to control the way that end users access the End-User Quarantine console.
On the Logon Methods screen, you can enable or disable the following logon methods:
Using end user accounts to log on
If this method is enabled, end users can use the accounts they registered on the End User Quarantine console to log on.
Using the existing Active Directory corporate credentials for single sign-on (SSO)
Once you enable SSO and complete required settings, end users can single sign on to the End User Quarantine console.
Hosted Email Security currently supports either of the following for SSO:
Microsoft Active Directory Federation Services (AD FS) 2.0
Azure Active Directory (AD)
Before configuring SSO, finish configuring AD FS 2.0 or Azure AD to complete federation server settings.
A federation server is a computer that runs a specialized Web service that can issue, manage, and validate requests for security tokens and identity management. Security tokens consist of a collection of identity claims, such as a user's name or role. The federation server can be configured only for Intranet access to prevent exposure to the Internet.