How to enable Microsoft SSO login for your Organisation
β
Before setting up Microsoft SSO, you must contact our support team and provide your Microsoft Tenant ID. We will add it to our system to ensure your organization is recognized.
Once your Tenant ID has been added, an administrator should proceed with the following steps to complete the setup.
β
Grant permissions on behalf of the Organization
Login with an Admin Account: The first user from your organisation to log in using Microsoft SSO should be a Microsoft administrator.
Consent to Permissions: During the login process, Microsoft will prompt the admin to grant permissions to the application.
Grant Organization-Wide Access: The admin must check the option to "Consent on behalf of your organisation." This ensures all users in your Microsoft tenant can use SSO without requiring individual consent.
What if the first login was not an admin?
If a non-admin user logged in first, an administrator must manually review and grant permissions in the Microsoft Azure portal.
Go to the Microsoft Azure Portal
Navigate to Enterprise Applications: Find the Thrive application.
Review and Grant Admin Consent:
Go to
Permissions
.Click
Grant admin consent for <your organization>
.Ensure the required permissions (
openid
,profile
,email
) are granted.
After these steps are completed, all users within your organisation will be able to log in seamlessly using Microsoft SSO without additional individual approvals.
β
For further assistance, contact our support team.