Account Management
      Back to home
      1. Help Center
      2. Portal Guides
      3. Account Management

      Enabling Single Sign-On (SSO) with Microsoft 365/Entra

      Simplify user management using SSO from Sendmarc & Microsoft

      Required - The following permissions will be required in order to perform the below actions:

      • Account Administrator permissions in Sendmarc
      • Global Administrator permissions in Microsoft Entra

      These permissions will need to be shared by the same user.

      Additionally, each user will need to exist in Sendmarc and Microsoft Entra in order for them to leverage SSO.


      To enable SSO with Microsoft Entra, follow these steps:

      1. Login to Sendmarc using your Sendmarc username and password.
      2. On the left-hand panel, select the 'Account Administration' dropdown and select 'Accounts'. This will open the 'Account Management' interface on the main screen.
      3. Click the pencil icon on the right of the account for which you'd like to enable SSO. This will open the 'Edit the Account' modal on the right.
      4. In the 'Edit the Account' modal, select 'Security'. You will now be presented with a number of options:
        1. Single Sign-On - This allows you to control whether or not this account will make use of SSO.
          1. Disabled - Do not allow the use of SSO for this organization.
          2. Enabled - Allow the use of both Sendmarc username and password as well as SSO.
          3. Forced - Require all users to use only SSO (i.e. Sendmarc username and passwords are not accepted credentials). If you use this option, you'll also need to select which Sendmarc- supported SSO provider you would like to make use of.
        2. Two-Factor Authentication (2FA) - This adds an extra layer of security to your account by requiring users to enter a unique code each time they log in. Note that this option is only available if SSO is set to 'Disabled' or 'Enabled'. There are two options available for this setting:
          1. Disabled - Do not make use of 2FA.
          2. Forced - Require all users to setup and enable 2FA for Sendmarc.
        For the purpose of enabling SSO for Microsoft Entra, please select either Enabled or Forced (choosing Microsoft as your provider) for the 'Single Sign-On' Setting and Click 'Save'.

      When enabling SSO for the first time, it is advisable to start with SSO set to 'Enabled' first to avoid an account lockout should any error occur during setup.

       

      Now that SSO has been enabled on Sendmarc, you'll need to logout and login again using the 'Login with Microsoft' option.

      This will direct you to the Microsoft login process, where you will be prompted to accept the creation of the Micrsoft Entra Sendmarc app. 

      Once completed, your users will be fully enabled for SSO.