Microsoft Entra/365 Single Sign-On (SSO) Setup

Before you begin
These steps must be completed by your Microsoft Entra admin, as we will require the administrator to grant consent to GovDash to implement single sign-on (SSO) within your tenant.

Setup

To begin setting up single sign-on (SSO) using your Microsoft Entra tenant:

365

GCC/GCC-High

Navigate to the Authentication tab in your GovDash Settings page
(https://dashboard.govdash.com/settings/authentication/)
Enter your Microsoft Tenant ID in the designated field, ensuring all other fields are correctly filled out.
A Microsoft Entra admin must be the first to authenticate to grant GovDash consent for SSO. Please make sure this administrator has been invited to your GovDash team.
Once the administrator has successfully authenticated and granted consent to GovDash, all users invited to GovDash will have access to Microsoft SSO. Please confirm that the email addresses used for invites match their Microsoft email addresses.
After Microsoft SSO is fully set up, you can disable GovDash OTP in the Team Settings tab of the GovDash Settings page. We recommend waiting until after the first successful Microsoft authentication before doing so.

Navigate to the Authentication tab in your GovDash Settings page
(https://dashboard.govdash.com/settings/authentication)
Enter your Microsoft Tenant ID in the designated field, ensuring all other fields are correctly filled out. Select the GCC-High checkbox and click Update.
A Microsoft Entra admin must be the first to authenticate to grant GovDash consent for SSO. Please make sure this administrator has been invited to your GovDash team.
Once the administrator has successfully authenticated and granted consent to GovDash, all users invited to GovDash will have access to Microsoft SSO. Please confirm that the email addresses used for invites match their Microsoft email addresses.
After Microsoft SSO is fully set up, you can disable GovDash OTP in the Team Settings tab of the GovDash Settings page. We recommend waiting until after the first successful Microsoft authentication before doing so.

FAQ

Where can I find my tenant ID?

You can find your Microsoft Entra tenant ID using the following information from Microsoft:

https://learn.microsoft.com/en-us/entra/fundamentals/how-to-find-tenant

How do I disable single sign-on (SSO) and go back to GovDash OTP codes?

If you wish to simply disable single sign-on (SSO) from your GovDash team, simply uncheck the Microsoft SSO check box within GovDash Settings > Authentication, and check the GovDash OTP check box to re-enable GovDash OTC code login.

If you want to fully remove single sign-on, click Delete Microsoft SSO Tenant from the GovDash Settings > Team Settings and be sure to select GovDash OTP from the Allowed Login Methods section.

Error Messages

Please see the table below for error messages and resolutions.

Error Message	Resolution
Microsoft didn’t return everything we needed. Please try again or contain GovDash support.	This likely means something went wrong on the Microsoft side of things and GovDash didn’t receive everything needed from Microsoft. Generally this means you should try again, or contact GovDash support to figure out what went wrong. This is most likely to happen when first onboarding a new team.
Something went wrong. Please try again or contact GovDash support.	This is an error that Microsoft returned to GovDash, so something went wrong during setup. Trying again may help, but please report this to GovDash support for investigation.
We received an unexpected result from Microsoft. Please try again or contact GovDash support.	Please contact GovDash support to investigate this message.
Unable to find email from Microsoft. Please try again or contact GovDash support.	This likely means that you do not have an email associated with that Microsoft account. Please try your sign in again using your Microsoft account that is tied to your tenant and configured with GovDash/Entra SSO.
We were unable to find your account. Please make sure you have been invited to GovDash by your GovDash administrator or contact GovDash support if this problem persists.	Your account has not yet been created. Please reach out to your team administrator to invite you, or contact GovDash if you are your team's administrator and are receiving this message.
You do not belong to any teams yet. Please contact your administrator or contact GovDash support.	Your account has not been associated with a team yet. Contact GovDash support to resolve.
Your account has not been set up for Microsoft SSO. Please contact GovDash support to enable this sign in method.	Your Microsoft Tenant ID in not configured in GovDash yet. You must either login using GovDash OTP or configure single sign-on using the setup steps in this article.
None of your teams allow for Microsoft SSO. Please contact your administrator or contact GovDash support.	You are not currently configured for single sign-on (SSO) login, and are currently set up to use the GovDash OTP login (emailed codes). Please configure SSO to fix this error message.