Why does Microsoft use onmicrosoft.com and microsoftonline.com?
In 2019, it seems a given that a cautious user on the internet should be careful about which domains they connect to. Paying close attention to domains, Microsoft users will quickly see that the company doesn't always use microsoft.com - even for high profile endpoints. For example:
* Office 365 services use this endpoint for user login: https://login.microsoftonline.com
* Email: onmicrosoft.com
Can anyone explain the business, user, and technical implications involved in choosing a new domain (microsoftonline.com) over a subdomain of the business's core domain (online.microsoft.com)?
10 comments
[ 3.3 ms ] story [ 40.9 ms ] threadThis can also reduce cookie size, which adds up.
googleusercontent.com
gstatic.com
etc
If I had to guess, the team that made microsoftonline.com probably could have dealt with the group that "owns" microsoft.com and gone through all the security, functionality, routing and systems testing involved to add a new subdomain or root-level path, but it was faster, easier and safer to just use a new domain and not worry about 25 years of domain name baggage. Maybe it was actually a coordinated effort to avoid all that, or simply meet a deadline.
You never know. The longer you work in technology, the more you see systems get larger and larger and have their own rational for things that seem insane to an outsider. Maybe microsoft.com is running on an ancient Windows 2000 server and they've forgotten the admin password. You'd think that could never happen at a company like Microsoft (or maybe you would), but you'd be surprised.
Different SSL configuration.
Avoid DNS entries getting bloated?
Avoid a single point of failure?
They also have a very complex service delivery architecture. O365 “Commercial” and “Government Community”, share some components, and have separate ones for others. Then there is a separate US Gov O365 with a different TLD.