Single Sign-On (SSO)

Using SSO to access Envoke

Zoltan Wagner avatar
Written by Zoltan Wagner
Updated this week

SSO is currently in beta release, available upon request. Please start a support chat and ask for SSO to be enabled for your account.

Envoke SSO currently works with Microsoft Entra ID, formerly known as Azure Active Directory.

SSO is not available on the Standard billing plan.

Login link

While SSO is in Beta the login link is: https://login.envoke.com/ssologin.html

Microsoft account requirement

An MS Entra (Microsoft Entra ID P1 or more) account is required.

Steps to enable SSO

Enable SSO from the Security section on your Account Settings page and enter the Entra Tenant ID:

Next, link your own user with your MS account on your user profile page or use the link on the Security page. This will direct the user to authenticate on MS and asks for permission for using the Envoke account.

You can make SSO required for other users of your account.

Signing in with SSO

If SSO is optional

  • On the next login, on the SSO login page, the user can pick to login via username and password or via SSO by clicking the Sign In with Microsoft button.

If SSO is required

  • On the next login, on the SSO login page, the user can only login via SSO by clicking the Sign In with Microsoft button. Entering a username and password will result in an error.

SSO login

  • When user clicks the Sign In with Microsoft button on the SSO login page they will be redirected to the MS authentication window. They login to MS and are automatically directed to their Envoke account.

  • If already signed in to MS they will simply be redirected to their Envoke account

Removal

  • User accounts can be unlinked on the users edit page or the user's profile page. Unlinked users can relink their own accounts and once again have access.

  • The MS admin can also revoke a user from using the Envoke Application in MS. This will immediately logout the session Revoking the Envoke Application access inside MS and making the feature required for all users is the only way to restrict access to this feature.

Restrictions

  • Only one MS account can be enabled per user

  • Only one user per MS user, there is an error if another user tries to link the same account.

Did this answer your question?