Steps to setting up your organization to use Azure AD
- Go to the Admin panel inside your Zoios account. 
- Assign access rights to the relevant people in your organization (you can learn more in this guide on roles and access type). 
- You're done. π Users with can now log in via Microsoft. 
When employees in your organization with access click Login via Microsoft, they are send to Microsoft for authentication. When Zoios receives a valid token from the client and matches this with e-mail and access rights in Zoios, the login is complete.
Single Sign On created trust and ease
There are many good reasons for requiring SSO. The primary being:
- To ensure IT can control employee's access across applications (they have the control to kill access from one central place) 
- To make it easy for employees to log into applications without requiring many different strong combinations of users and passwords. 
The technical description
SSO through Azure AD is available to any organization. The Azure AD web SSO for Zoios is set up via an Azure AD App registration using the Azure AD directory Multitenant.
However, only e-mails from organizations already registered within a Zoios account will be granted access and are able to sign in. The integration is based on the industry protocol for authorization OAuth 2.0, for more information click here.
