Allow AIP authentication with identity realms other than Azure AD
The AIP Viewer can only authenticate via Azure AD, which is limiting to the way of sharing protected files, which is not sent by email where the federation is in place with Google, Yahoo, etc .. and the OTP code option
Can you please confirm the OME feature, which already allows sharing content via email with consumer email addresses, is not enough to address this requirement in your organization?
Hi @Enrique. One of the challenges, with the OME identity content sharing feature, is that its usability is intermittent. We have customers who G-Suite and frequently fail to use the OME feature for Federated sign-in, so we have turned it off and force OTP code. We have had this issue with support open for over a month but no one seems to own or want to resolve it.
This does not just affect us, our Microsoft partner also tested and encounter same issues. So this suggestion my vote for a solution which is robust and supported as what is currently in place is not fit for purpose
I have to agree. I have been ******* my head against wall in frustration and managed to get external consumer based email accounts working for viewing protect emails however you then fall into a big extrenal usability hole. When viewing the protected email via the guest AD account you can try to reply (the options are there) but it will not go anywhere or display an error message.
Now I know the original email is where you should reply from, but the external users will easily get this wrong, read and reply unknowingly (and assume it has been sent) from the guest AD asccount.
Lasse Soltvedt commented
Got a couple of customers that could really use this (ex. law firms that deal with private customers). These customers often send sensitive information and documents by email to their clients. A lot of these clients have a personal emailaddress like hotmail, gmail etc.
JOHN NABIL ISKANDER commented
Make the AIP available to Google or any email account.
Enable sharing protected documents with gmail and hotmail accounts