Allow “Sign in with Microsoft” to work with business accounts
已于 2024年7月24日 发布
This seems like an odd nuance, but I recently discovered that the “sign in with Microsoft” SSO button does not work for end users that have a Microsoft business account. We work with businesses exclusively, and most businesses use Microsoft… so it only makes sense to have an SSO button that works, out of the box, for end users to sign in using their Microsoft account.
10 条评论
Scott Tynan
We are in the same position and I had no idea that this did not work for business accounts. Thanks for raising it.
Caroline Kello
Hey folks, you're right that Microsoft as an SSO option for end users is currently limited to Microsoft as a “social sign-in” (meaning you can use or Xbox or Outlook details for example). This is highlighted in our Enabling social and business SSO article.
I agree with you that there's situations where end users are actually operating in a professional capacity, and should be allowed to use their Microsoft business details through the native Microsoft SSO method, the current workaround is setting it up via SAML instead.
We've no current plans to address this but I'll log this internally so that I can track it. Many thanks for raising it.
Michael Adams
Caroline Kello I know this is not the support channel but how does using the SAML setup help here? If we setup the SAML, that would only work for just one MS business domain/instance or would that allow any MS O365 business user to login via MS Business SSO?
Caroline Kello
Microsoft has their own documentation for how to set it up using SAML.
Michael Adams
What we have found is that the SAML function is for one MS account… what we are wanting is for any user with a MS business account to be able to sign in to our ZD account using an SSO button.
Scott Tynan
Caroline, this approach does not work as it requires users to be assigned to groups within your own AD. You can't do that ahead of time without knowing who of your cusomters use Microsoft and then partnering with them as trusted orgs to share AD data. Companies just don;t do this, especially companies that are primarily B2B with thousands of organisations they deal with, it's just not feasable.
Also, Zendesk doesn't support JIT so there is no workaround for the above requirements.
It would be great if we could get fully researched and comprehensive answers from the PM team instead of being dismissed so quickly.
Chad Frerichs
We would really appreciate a solution to this issue as well. All of our customers use work or school accounts with Microsoft or Google.
Being able to present them with a sign in with Google button but not a sign in with Microsoft button is far from ideal.
Michael Adams
Correct @Scott
Sam Sanders
Thank you for taking the time to provide us with your feedback. This has been logged for our PM team to review. For others who may be interested in this feature request, please add your support by upvoting this post and/or adding your use case to the comments below. Thank you again!
Chris Rose
Zendesk - you are missing the boat here and going to lose compliance customers. There is no way to require MFA for end users and now you take the enterprise app functionality away from M365. SSO is not practical with hundreds of business customers. If this or required MFA for end users is not addressed, we'll be forced to move everything to Jira or service now as we need positive confirmation that end user is who they say they are for security reasons. Please reconsider building an enterprise app for M365 Commercial AND GCC-High. This is very common amongst vendors and Microsoft has a large market share so I don't see why this wouldn't be high in your road map. Cyber compliance isn't going anywhere, this problem will only get worse. Thanks for the consideration.