Microsoft Entra ID (formerly Azure AD) is a cloud-based identity platform. Cognito Forms’ native SAML integration lets users sign in using their Microsoft credentials—no separate passwords required.

Simplify secure access to internal forms while enforcing your organization’s Microsoft identity policies.

SSO for all users
No password duplication
MFA and conditional access

Use this integration to:

Authenticate users using Microsoft Entra ID
Enforce multi-factor authentication and conditional access
Eliminate separate login credentials

Use this integration when you

Use this integration when your organization needs to centralize identity management and enforce secure SSO across departments.

Commonly used by:

Teams using multi-factor authentication
Companies with multiple internal user groups with varying permissions
Enterprises that need to enforce SSO for compliance and risk reduction

How It Works

Open Cognito Forms Authentication Settings
1. Go to Organization Settings > Users & Authentication
Enable Microsoft SSO
1. Toggle Require single sign-on for all users
2. Select Microsoft as the provider
3. Restrict to your Microsoft tenant if desired
Sign in to Microsoft Entra ID
1. Visit the Microsoft Entra admin center
2. Use a Cloud Application Administrator account
Register a New App
1. Under App registrations, create a new application
2. Enter https://www.cognitoforms.com/svc/auth/oidc as the Redirect URI
Generate Client Secret
1. Navigate to Certificates & secrets
2. Create and copy a new client secret
3. Also copy the Application (client) ID and Tenant ID
Enter Azure Details in Cognito Forms
1. Paste the Tenant ID, Client ID, and Secret into Cognito Forms
Enable and Test SSO
1. Click Enable to activate
2. Log in using a Microsoft account to verify the setup

Still need help? Check out our User authentication settings article.

Authentication & SSO