How do I set up Microsoft Entra ID Single Sign-On?

Follow this guide to set up Microsoft Entra ID Single Sign-On

In line with industry best practices and Microsoft’s recommendation for SSO, we support using OpenID Connect with Entra ID.

If the email address entered on our sign-in screen corresponds to an organisation using Microsoft SSO the user is offered a Sign In With Microsoft button which redirects to Microsoft so that the Joyous application can obtain an access token.

The access token is then used to request a user identifier via the Microsoft Graph API which can be associated with a user in the Joyous application.

The initial setup for SSO needs to be carried out with an account that has the Entra Global Admin role. Using this account ensures Leaders are not presented with a permissions popup every time they sign in through Single Sign-On.


Setup Process

Step 1 - Joyous:

  • Joyous will enable and confirm Entra SSO for your organization.

Step 2 - Customer:

  • Once the Joyous team has confirmed that Entra SSO has been enabled for your organization, the first person who signs in via SSO needs to be someone who has the Global Administrator role in Microsoft Entra. Log in here:

    • Once they log in via SSO, they will get the option to consent on behalf of the organization. Ensure that this checkbox is ticked before proceeding:

Step 3 - Customer:

  • Test leader sign-in. If configured with the Global Admin role, the permissions popup should not appear.


After completing these 3 steps, your integration is complete.


🔐  If you would like to learn more about how Joyous handles data security, read our Privacy and Security Overview.