Proofpoint is giving the login experience a fresh new look that’s cleaner, brighter and easier to use. This update will be rolled out to production starting on Nov 9th, 2020 and will be completed by November 11th, 2020. No actions are required to receive this update.
Release dates:
- Monday, Nov 9th, 2020: US5, EU1
- Tuesday, Nov 10th, 2020: US1, US2
- Wednesday, Nov 11th, 2020: US3, US4
|
New brand styling
To align with the recent interface upgrade, Proofpoint has updated the branding for both branded and non-branded login experiences.
Current Style .vs. New Style
Color Scheme
Previously, only the partner’s logo was pulled from their account and used on the login landing page.
Now, the partner’s color scheme, as defined on their account, will be also used on the login page.
Partner Name
Partners can also choose to include their name on the login page, in addition to their logo.
For example, in the screenshot about it shows “Bob’s Managed Services” in between the logo and the login field.
New Login Experience
As part of the update, the user login experience has been broken into two steps (currently, the user enters both on the same page)
- Step 1: The user enters their email address
- Step 2: The user enters their password
Once a user fills in their email address, they will hit continue and see a 2nd page - asking for a password OR they can click on a Microsoft 365 button and auth through that tool as they do today.
A customer can choose (optionally) to force the Microsoft 365 Auth setting if they wish. If they do, the experience will be that the user lands on the login page, enters their email address and will automatically get the Microsoft credential prompt rather than having to hit the button.
Microsoft Integrated SSO
Today, users can sign into the Poofpoint Essentials portal with either a Proofpoint username and password or by manually selecting Microsoft to authenticate their account credentials.
In our new login experience, organizations can choose to force their users to authenticate with only their Microsoft credentials, creating a seamless Single Sign On experience. Users will be prompted to enter their Microsoft credentials immediately after entering their email address.
Prerequisites
In order to force users to authenticate with Microsoft, the following conditions need to be true:
- The user must have an active user account in Proofpoint Essentials
- The organization must be using and have synced users to Microsoft
- The organization must have a valid Azure connection in Proofpoint Essentials
- The following setting must be enabled (will be available after the release)
How to Enable Microsoft Integrated SSO
- Go to your Proofpoint Essentials login page.
- Enter your Username (email address) and click Login.
- Enter Password and click Login.
- Navigate to Administration > User Management > Import & Sync > Azure Active Directory
- Enable Allow users to authenticate with Microsoft
- Click save
Enabling this feature will direct all users (including administrators) to login using their Microsoft account.
Logging In With Microsoft Account
We will continue to allow users to manually authenticate using their Microsoft account.
PROCEDURE
- Go to your Proofpoint Essentials account login page.
- Enter your Username (email address) and click Login.
- Click Sign in with Microsoft.
- You will be redirect to a Microsoft account login page.
- Enter your Microsoft credentials.
- If successful, login will redirect you back to Proofpoint Essentials and you will be automatically signed into your account.
FAQ
1. If customers are already using the Office 365 Account button (on our existing page), will it continue to work?
A: Yes, however we have changed the location. Customers will need to enter their email address, click login and then Sign in with Microsoft.
2. Do these changes affect API authentication?
A: No. API auth is still through the PFPT auth (configured username/password).
3. Is there an impact to current or white-label URLs?
A: No.
4. Are there any changes to stack redirects (If a user logs into a different stack URL then they’re account is located)?
A: No.
5. What happens if Microsoft identity platform is down?
A: If the Microsoft identity platform is unavailable, users will be redirect to the Proofpoint Essentials account login page and asked to login using their Proofpoint Essentials credentials.
6. What happens if there is a problem with Microsoft identity platform and I have enabled Allow users to authenticate with Microsoft?
A: If there is a problem with Microsoft IDP, a custom parameter can be passed to utilize standard essentials authorization.
US Interface
Email Address = john.jones@test.com
https://us1.proofpointessentials.com...?main=1&email=EMAIL_ADDRESS
Example: https://us1.proofpointessentials.com/app/login.php?main=1&email=John.Jones@test.com
EU Interface
Email Address = john.jones@test.com
https://eu1.proofpointessentials.com...?main=1&email=EMAIL_ADDRESS
Example: https://eu1.proofpointessentials.com/app/login.php?main=1&email=John.Jones@test.com
7. I presume all login URLs, including whitelabelled URLs, are not changed?
A: Correct
8. In your new login experience 'branded' screenshot, you appear to include a company name and not just the logo. Where exactly is it pulled from?
A: