To enhance security and streamline the login process, you can set up Single Sign-On (SSO) with Microsoft accounts for your organization. Follow these steps to configure SSO with minimal required permissions:
Steps to Enable SSO with Microsoft Accounts:
1. Admin Invitation and Registration
Receive an Invitation:
The first admin will receive an invitation via to our product.
Open the invitation email and click on the provided link to accept our Terms & Conditions.
Register with a Microsoft Account:
After accepting the Terms & Conditions, you will see an option to "Register with a Microsoft Account."
Click on this option to proceed.
Granting Consent:
You will be prompted to grant consent for our application.
The consent request will include minimal permissions, specifically the delegated permission:
https://graph.microsoft.com/User.Read.
2. Admin Consent Requests
Navigate to Admin Consent Requests:
Log in to the Microsoft Entra ID (formerly Azure AD) portal.
Go to Enterprise Applications > Admin consent requests.
Review and Approve Permissions:
Locate the consent request from our application.
Review the requested permissions and approve the request.
3. User Verification and Licensing
User Verification:
Once the permissions are granted, we will be able to verify your users through Microsoft.
User Management:
Contact us to discuss methods for synchronizing your users to keep the list up-to-date.
Additional Information
Domain Restriction (Optional):
On request, we can enforce login restrictions to ensure that only users from a specific domain can access our products.
Enabling this option will disable standard login, enhancing security by limiting access to verified users within your organization.
By following these steps, you can ensure a smooth and secure SSO setup with Microsoft accounts for your organization. If you need further assistance or have any questions, please contact our support team.