Help CenterO365 SSO can only be enabled and set up by a ThreatLocker super-admin.
To enable SSO on existing user accounts, you will need to have a password reset email sent by an Admininstrator in your ThreatLocker organization.
0365 SSO requires the settings in Azure to be configured to 'Allow user consent for apps from verified publishers'.
Enabling SSO
Navigate to Users > Additional Options > Login Settings
Select the 'Allow SSO' toggle.
Select 'Save'.
When you invite a new user, once they follow the link to set up their account, the user will have the option to confirm their new ThreatLocker account with Office 365 or manually with a password.
If the user selects the Office 365 button, a prompt will open for them to sign in to their Microsoft account.
Once they click the 'Sign In' button, the user will be logged into the ThreatLocker Portal.
The next time the user logs into the ThreatLocker Portal, once they insert their Username, the Office 365 button will populate under Login with SSO.
Please Note: If you disable SSO on an organization, any user accounts on that organization with SSO linked will no longer be able to log in. To regain login access, an Administrator in your organization can send a password reset email to the associated account.
Enabling SSO does not disable other MFA methods. We recommend that you use MFA for all accounts.