All Collections
Integrations & Embeds
Leveraging Elate's Microsoft SSO Functionality
Leveraging Elate's Microsoft SSO Functionality

This article walks through how to login to Elate using your Microsoft account.

Support Team avatar
Written by Support Team
Updated over a week ago

Purpose:

The purpose of this document is to provide information about the Microsoft SSO functionality within the Elate platform

Background:

Elate’s Login With Microsoft functionality allows users to authenticate directly to Elate directly via their Microsoft 365 Business account instead of requiring an Elate username and password. In order to do so, the user’s email address in Elate will need to match their email address in Active Directory.

Elate uses OIDC (OpenID Connect) with Microsoft to authenticate a user. Once a user has completed the authentication flow, Microsoft will issue a token to Elate that lets the Elate application know that a user has successfully completed the process and is allowed to access the application. When using the Microsoft SSO option, organizations can also choose to remove the option to login via username and password in Elate completely.

User Experience:

The user will navigate to app.goelate.com and select the “Sign in with Microsoft” option.

From there, the user will be directed to a Microsoft sign in page to enter their email and password:

If additional MFA requirements are set up for the Microsoft account, the user will be directed to complete those.

Once complete, they will be redirected back to their home page in Elate.

Other Notes:

  • If you wish to restrict login access to only allow users to login with Microsoft, please reach out to your CXM at support@goelate.com with your organization’s name so ensure this is toggled on for your account.

    • If this is enabled and a user is removed from your Active Directory for any reason, they will no longer be able to log into Elate.

    • If a user should no longer access Elate but still is active in your Active Directory, an admin for your Elate account should remove them from the User List under User Management.

  • If a user needs access to Elate, they will need to be set up with an Elate account prior to using the Sign in with Microsoft functionality, unless your organization has enabled just-in-time provisioning within Elate (the default is for this to not be enabled).

Setup:

  • There is no setup required within Microsoft to enable this functionality.

  • The only step required to ensure users can login via Microsoft is ensuring they have an account set up within Elate with an email address that matches their email in Active Directory.

Did this answer your question?