Overview
ComplyFlow's Microsoft SSO integration allows Enterprise (Starter) and Enterprise (Pro) users to sign up and log in using their existing Microsoft business accounts. This streamlined authentication reduces password management overhead while maintaining enterprise-grade security standards.
This guide covers both signup and login processes, troubleshooting, and technical requirements for Microsoft SSO integration.
Microsoft SSO Benefits
For Users
Single Sign-On: Use existing Microsoft credentials
No Additional Passwords: Eliminates need for separate ComplyFlow password
Faster Registration: Skip the email verification step during signup
Enterprise Security: Leverage Microsoft's multi-factor authentication and security policies
Familiar Interface: Use the Microsoft login experience you already know
For IT Administrators
Centralised Identity Management: Users authenticate through existing Azure AD
Security Policy Enforcement: Microsoft security policies apply to ComplyFlow access
Reduced Support Overhead: Fewer password-related support requests
Audit Trail: Microsoft login events tracked through Azure AD logs
Technical Requirements
Microsoft Account Requirements
Business Account Required: Must be Microsoft 365 or Azure AD account
Personal Accounts Not Supported: Gmail.com, Microsoft Outlook (formerly Hotmail): Free email and calendar | Microsoft 365 , or personal Microsoft accounts will be rejected
Email Permissions: Account must have permission to share email address with third-party applications
Active Status: Account must be active and not suspended
Browser and System Requirements
Modern Browser: Chrome 80+, Firefox 75+, Safari 13+, Edge 80+
JavaScript Enabled: Required for OAuth2 authentication flow
Cookies Enabled: Session and authentication cookies must be allowed
Pop-up Blockers: May need to allow pop-ups for Microsoft domains
Network Requirements
HTTPS Access: All authentication traffic uses SSL/TLS
Microsoft Domains: Access required to login.microsoftonline.com and Microsoft Graph Dev Center | APIs and app development
OAuth Redirects: System must allow redirects between ComplyFlow and Microsoft domains
Registration with Microsoft SSO
Starting Registration
Navigate to ComplyFlow Enterprise (Starter) registration page
Complete Step 1: Organisation details (country, business type, etc.)
Enter User Information: First name, last name, phone number
Select Microsoft Registration: Click "Register with Microsoft" button
Skip Password Fields: Email and password fields are automatically hidden
Microsoft Authentication Flow
Step 1: Microsoft Login
Redirected to Microsoft authentication page
Enter your Microsoft business account credentials
Complete any multi-factor authentication required by your organisation
Step 2: Consent and Permissions
ComplyFlow requests access to:
Email Address: For account identification and notifications
Basic Profile: Name and profile information
Organisation Information: Business details from Azure AD
Step 3: Account Verification
System verifies email address matches business domain requirements
Checks that account is active and has appropriate permissions
Creates ComplyFlow user profile using Microsoft account details
Successful Registration
After successful Microsoft authentication:
Automatic Account Creation: ComplyFlow account created immediately
No Email Verification: Skip email verification step entirely
Welcome Screen: Proceed directly to account setup wizard
Profile Pre-Population: Name and email automatically populated from Microsoft account
Registration Error Handling
"Email not found in Microsoft response" Error:
Your Microsoft account doesn't have permission to share email
Contact your IT administrator to enable email sharing
Try using a different Microsoft account with proper permissions
"Business email required" Error:
Personal Microsoft accounts (Microsoft Outlook (formerly Hotmail): Free email and calendar | Microsoft 365 , Microsoft Outlook (formerly Hotmail): Free email and calendar | Microsoft 365 ) are not allowed
Use your organisation's Microsoft 365 account instead
Consider email registration if you don't have business Microsoft account
"Account creation failed" Error:
Microsoft account may not have required permissions
Try clearing browser cache and cookies
Contact support if problem persists with valid business account
Login with Microsoft SSO
Standard Login Process
For New Microsoft SSO Users:
Navigate to ComplyFlow login page
Click "Login with Microsoft" button
Authenticate with Microsoft (if not already signed in)
Automatic Login to ComplyFlow dashboard
For Existing Email + Password Users:
You can add Microsoft SSO to existing accounts:
Login with your existing ComplyFlow credentials
Navigate to Account Settings > Security
Link Microsoft Account to enable SSO login
Future logins can use either method
Multi-Identity Login
For Users with Multiple ComplyFlow Accounts:
If you have multiple ComplyFlow identities (contractor, employee, enterprise):
Select Login Method: Choose Microsoft SSO
Authenticate with Microsoft
Select Organisation: Choose which ComplyFlow account to access
Proceed to selected account dashboard
Session Management
Active Sessions:
Microsoft SSO sessions remain active based on Microsoft's session policies
ComplyFlow sessions are independent of Microsoft session duration
Explicit logout from ComplyFlow recommended for security
Session Timeout:
ComplyFlow sessions timeout based on ComplyFlow security settings
May require Microsoft re-authentication after extended inactivity
Organisation SSO policies may override default timeout settings
Microsoft SSO Administration
For IT Administrators
Azure AD Configuration:
No special configuration required for standard Microsoft 365 accounts
ComplyFlow appears as a third-party application in Azure AD logs
User consent may be required for first-time authentication
Enterprise Application Management:
ComplyFlow can be added as an Enterprise Application in Azure AD
Allows centralised management of user access
Enables conditional access policies and security controls
User Provisioning:
Manual user registration still required (no automatic provisioning)
Users must complete ComplyFlow registration process individually
Group-based access control not currently supported
Security Controls
Conditional Access Policies:
Azure AD conditional access policies apply to ComplyFlow SSO
Location-based restrictions will affect ComplyFlow access
Multi-factor authentication requirements are enforced
Application Permissions:
ComplyFlow only requests minimal required permissions
No access to Microsoft files, calendar, or other data
Email and basic profile information only
Audit and Compliance:
Microsoft SSO authentication events logged in Azure AD
ComplyFlow maintains separate audit logs for application activity
Both systems provide compliance reporting capabilities
Troubleshooting Microsoft SSO
Common Login Issues
"Unable to authenticate with Microsoft" Error:
Check Account Status: Ensure Microsoft account is active
Verify Permissions: Account must have email sharing permissions
Clear Browser Cache: Remove cookies for Microsoft domains
Try Incognito Mode: Test with fresh browser session
Contact IT Admin: Check for organisation restrictions
"Multiple accounts detected" Warning:
Sign out of Microsoft: Use specific account for ComplyFlow
Use Account Picker: Select correct account when prompted
Clear Microsoft Cookies: Force fresh authentication
Use Different Browser: Avoid account mixing
"Access denied" Error:
Organisation may have restricted third-party application access
Contact IT administrator to whitelist ComplyFlow
Alternative: Use email registration method instead
Browser-Specific Issues
Chrome Issues:
Disable third-party cookie blocking temporarily
Check that JavaScript is enabled
Clear site data for ComplyFlow and Microsoft domains
Firefox Issues:
Adjust enhanced tracking protection settings
Allow cross-origin requests for authentication domains
Check add-ons that might block authentication flows
Safari Issues:
Disable "Prevent cross-site tracking" temporarily
Allow pop-ups for Microsoft authentication domains
Clear website data for both ComplyFlow and Microsoft sites
Network and Firewall Issues
Corporate Network Restrictions:
Whitelist Microsoft authentication domains
Allow HTTPS traffic to *.microsoftonline.com
Permit redirects between ComplyFlow and Microsoft domains
VPN Interference:
Some VPNs may interfere with Microsoft authentication
Try disabling VPN temporarily for registration/login
Contact network administrator if issues persist
Account-Specific Troubleshooting
"Email address mismatch" Error:
Ensure you're using the correct Microsoft account
Email address must match business domain requirements
Contact support if using correct account but still getting error
"Account suspended" Error:
Microsoft account may be suspended by the organisation
Contact IT administrator to restore account access
Use alternative email registration method if needed
"Permission denied" Error:
Account lacks permission to consent to third-party applications
IT administrator may need to pre-approve ComplyFlow
Request admin consent through Azure AD portal
Security and Privacy
Data Protection
Information Collected:
Email address from Microsoft account
Display name and basic profile information
Organisation information (if available in Microsoft profile)
Authentication tokens (temporary, not stored)
Data Storage:
Email and profile information stored in ComplyFlow database
No Microsoft passwords or sensitive credentials stored
All data encrypted at rest and in transit
Data Sharing:
Information only used for ComplyFlow account management
No data shared with third parties beyond Microsoft authentication
Standard ComplyFlow privacy policy applies to all account data
Authentication Security
OAuth 2.0 Standards:
Industry-standard authentication protocol
Secure token exchange between ComplyFlow and Microsoft
No password sharing between systems
Token Management:
Short-lived authentication tokens only
No long-term Microsoft credentials stored
Automatic token refresh handled securely
Session Security:
ComplyFlow sessions independent of Microsoft session
Proper logout recommended for shared devices
Session timeout based on ComplyFlow security settings
Alternative Authentication Methods
When to Use Email Registration Instead
Microsoft SSO Not Available:
Organisation doesn't use Microsoft 365
Personal Microsoft accounts only available
Corporate policies restrict third-party SSO
Technical Issues:
Persistent Microsoft authentication problems
Network restrictions blocking Microsoft domains
Browser compatibility issues with SSO flow
User Preference:
Prefer separate credentials for ComplyFlow
Want manual control over session management
Need to use non-Microsoft email address
Getting Support
Before Contacting Support
Verify Account Type: Ensure using business Microsoft account
Test Different Browser: Try Chrome, Firefox, or Edge
Check Network Access: Confirm Microsoft domains are accessible
Review Error Messages: Note exact error text for support team
Information to Provide
Microsoft SSO Issues:
Exact error message text
Microsoft account email domain
Browser and version information
Network environment (corporate, home, VPN)
Authentication Problems:
Step where process fails (registration vs. login)
Screenshots of error screens
Whether other Microsoft applications work normally
Any recent changes to Microsoft account or organisation settings
Support Channels
Email: support@complyflow.com.au