home

Mobile Endpoint Security

Lookout Product Documentation

Find answers about using and optimizing Lookout products.

Required Information for Azure Active Directory

Please provide the following information:

  • Do you plan to deploy Lookout using Service Provider (SP) or Identity Provider (IDP) initiated flow?

    The differences are outlined here.

    • For SP initiated flow, please provide a list of domain names that should redirect to AAD:

      _________________________________________________________________________________

      _________________________________________________________________________________

      _________________________________________________________________________________

  • Does your deployment require more than one production tenant? If so, how many? ______________
  • Do you require signed SAML requests/responses?

    By default, Lookout returns signed responses for both redirect and POST bindings.

    ▢ Require signed response (HTTP redirect)

    ▢ Require signed response (POST binding)

    ▢ Require signed request (HTTP redirect)

    ▢ Require signed request (POST binding) Lookout does not currently support signed requests for POST bindings.

  • AAD generated IDP URL: _________________________________________________________________
  • IDP metadata URL: ______________________________________________________________________
  • Group Names or Resource IDs for Lookout MES Console Access:

    Lookout has 4 levels of access: Full Access, Restricted, Read-Only, and Enrollment Only. Please provide Lookout with a Group Name or Resource ID for each:

    • Full Access: ______________________________________________________________________
    • Restricted Access: ________________________________________________________________
    • Read-Only Access: ________________________________________________________________
    • Enrollment Only Access: ____________________________________________________________
  • Group Name or Resource ID for ORG Access:

    For ORG deployments, Lookout provides an additional Super Administrator Access level to provide access to the Multi-Tenancy Administrator’s Console. Any member of this group must also be a member of the Full Access group. Please provide Lookout with a Group Name or Resource ID:

    • Super Administrator Access: __________________________________________________________
  • Group Name or Resource ID for ORG Tenant Access:

    For ORG deployments Lookout provides an access level to allow administrator access to the specific tenant. The user must be in an ORG Tenant access group and in one of the MES console access groups depending on the level of access needed. Please provide Lookout with a Group Name or Resource ID for each tenant:

    • Tenant 1 Access: ___________________________________________________________________
    • Tenant 2 Access: ___________________________________________________________________
    • Tenant 3 Access: ___________________________________________________________________