By default, the application initially deploys with Microsoft Open ID Connect (OIDC).
Users will be prompted to Sign In with their Microsoft Credentials and grant consent.
Configuring User Permissions
Users must also be assigned a permission in the application. Go to Settings > Security & Permissions > User & Group Permissions to associate different permissions to your users.
Why OIDC?
-
OIDC is easy to set up. OIDC does not require additional configuration on your tenant. Once users have their permissions assigned, they can authenticate with their Microsoft Account via the “Sign In With Microsoft” button on the home page.
-
OIDC supports multi-tenant authentication. Administrators can grant access to users from outside your primary organization tenant.
Please note that multi-tenant user groups are not supported. Permissions for multi-tenant users must be managed on a per-user basis.
Why choose SAML SSO
- SAML SSO can be customized. You can customize which Identity Provider to use, allowing you to configure your own vendor as your IdP.
How to enable SAML
Enable SAML by going to Settings > Security & Permissions > Single Sign On. When SAML SSO is enabled, SAML SSO will be prioritized. If SAML SSO is disabled, ZPM will use OIDC instead.
Additional steps are required for SAML SSO. To learn more, please refer to our Setting Up SAML SSO for ZPM with Azure IdP guide.
By disabling SAML, the application will revert back to using Microsoft IODC
