Administration
      Back to home
      1. Emitwise Academy
      2. Administration & Security
      3. Administration

      Setting up Single Sign-On (SSO)

      This guide explains how to set up SSO for Microsoft Azure Active Directory (Azure AD) and Google Workspace, so your users can sign in seamlessly.

      Introduction

      Single Sign-On (SSO) lets your team log into Emitwise using their existing corporate credentials—reducing login friction and improving security. This guide explains how to set up SSO for Microsoft Azure Active Directory (Azure AD) and Google Workspace, so your users can sign in seamlessly.

      Step-by-Step Guide

      1. Microsoft SSO

      Getting started with Microsoft Single Sign-On (SSO) in Emitwise is simple. This guide walks you through the steps to get your organization up and running smoothly, even if you're unfamiliar with Azure or technical terms.

      Step 1: Receive an Emitwise Invitation

      An Emitwise admin or someone in your organization will invite you to the platform. Check your inbox for an email with a registration link (e.g., https://dash.emitwise.com/register/...).

      Step 2: Sign Up Using Microsoft

      1. Click the registration link in the email.
      2. On the sign-up page, select Sign up with Microsoft.
      3. Log in with your Microsoft (Azure AD) account.

      80

      Step 3: Grant Permissions

      When signing in with Microsoft, you’ll be prompted to grant Emitwise access to your basic profile information (like your name and email).

      • If you're an admin: Select “Consent on behalf of your organization” to approve access for all users in your company.
        • This means individual users won’t need to grant permissions themselves or request admin approval. Everyone in your organization will automatically be able to sign in to Emitwise without additional prompts.
      • If you're not an admin: Your sign-in attempt will trigger a request to your organization’s Azure admin. Once the admin approves your request, you’ll be able to access Emitwise.

      81

      Step 4: Admin Consent and Configuration Options

      If you prefer not to let individual users grant their own permission to access Emitwise (user-level content)—or if you want more control over who can sign in—an Azure AD admin can manage this process by approving access through admin consent. Here’s how you can set it up:

      1. Decide on Your Consent Approach

        • User Consent Allowed: Non-admin users can grant permission for Emitwise to see their profile data.
        • User Consent Not Allowed: An admin must explicitly approve (or deny) each user’s request to sign in with Emitwise.

        82

      2. Configure Admin Consent Workflow

        • If user-level consent isn’t permitted by your policies, set up an admin consent workflow.

          • Browse to Identity > Applications > Enterprise applications > Consent and permissions > Admin consent settings.
          • Under Admin consent requests, select Yes for Users can request admin consent to apps they are unable to consent to.
          • Each time someone tries to sign in to Emitwise with Microsoft SSO, they’ll trigger a request for admin approval that you must review.
          • Until you approve that request, the user sees a prompt stating they need permission.

          83

      3. Grant Emitwise Access (Tenant-Wide or Per User)

        • Once you approve a user’s access, they won’t need further consent prompts.
        • If you prefer to skip individual approvals, consider tenant-wide admin consent. This gives Emitwise access on behalf of everyone in your organization—unless you later restrict it further.
        • Either method ensures a consistent sign-in experience: users won’t be asked for permission again.

      By choosing how you handle admin consent, you control whether any user can freely grant Emitwise access or if every request requires review. In either case, once you approve it, future logins are seamless.

      Step 5: Enforce Microsoft-Only Login (Optional)

      • If you want to disallow other sign-in methods (Google/password), contact Emitwise to restrict them for your account.

      2. Google SSO

      Step 1: Check Your Google Workspace

      • Ensure your domain users have Google accounts under your company’s domain.

      Step 2: Invite Users to Emitwise

      • Similar to Microsoft, invite users to your Emitwise account.
      • Users click the link in the invitation email and select Sign up with Google.

      Step 3: Grant Basic Profile Access

      • Google prompts for permission to share the user’s name/email with Emitwise.
      • Upon acceptance, the user is registered via Google SSO.

      Step 4: Enforce Google-Only Login (Optional)

      • If you want to disable Microsoft or password-based logins, contact Emitwise to set up the necessary restrictions.

      Conclusion

      By enabling SSO—whether through Microsoft Azure AD or Google—you streamline the login process, maintain centralized credential management, and keep your organization’s data secure. Should you want to restrict any other sign-in methods, just reach out to your Emitwise contact for assistance.