For SSO to be enabled for individual users, you must assign these users to your SSO application in Azure AD and then make sure these users exist in Keepit.
If you have not yet created an application in Azure, see the step-by-guide: How to create an Azure application for SSO
To assign users in Azure AD:
- Sign in to your Azure account.
- Select Enterprise applications.
- Find the application you created for SSO and click the name.
- Under Manage, select Users and groups.
- Click + Add user, and the Add Assignment window will open.
Select Users and groups None Selected.
- Search for the users you want to be able to use SSO in the field provided, and then select them from the list below. Here you can also include the Master Administrator (the Global Admin who is setting up SSO) as well as all other users for whom you want to enable SSO.
When all desired users appear under Selected members, click the Select button.
- The number of users you selected will appear under Users and groups.
- Click the Assign button.
Now go to your Keepit User Admin account:
- Select the hamburger icon and then select Users.
- In the list of users, make sure that all the users that were assigned to the Azure application exist in Keepit. If there is no such user, then create a user with the same name and email address (this should be the same as the User Principal name) as the user in Microsoft 365.
Important: Keepit is case sensitive so when creating a new user in Keepit, make sure the email address is in the same case as the email address (User Principal name) in the Active Directory.
To sign in with SSO:
- Now when these users try to sign in to their Keepit account, they should enter only their email address and NOT their password. When they click Sign In, the users will then be redirected to the Microsoft page where they should sign in using Microsoft login credentials.
- When successfully signed in, the users will be redirected to their Keepit account.