If you have an Okta implementation and find that some of your users are unable to login to various Microsoft Office 365 applications like OneDrive, Outlook and Teams the problem may be related to your SSL Certificate.
Okta documentation and support make references to expired and misconfigured SSL certs on their IWA server. See the following for details:
- Cannot sign into an Office 2016 application on Windows 10
- Outlook 2016 spinning “signing in” to O365 with DesktopSSO/IWA enabled (SSL also enabled)
- Unable to login to Microsoft Teams automatically
However, we found that the problem related to wild card certificates. It appears that our Okta proxy intermittently did not like using the wildcard cert and we had to change it to use the fully qualified certificate.