How to enable and activate Microsoft Entra ID SSO in NordPass

NordPass Business supports secure, streamlined access to the app through Microsoft Entra ID Single Sign-On (SSO) using the OpenID Connect (OIDC) protocol. This integration ensures a fast and secure login experience for your organization while minimizing administrative overhead.

  • Entra ID SSO appears only when a user signs in on a new browser, browser profile, or device, or after they have logged out. A Business Account session remains active for 30 days on the same browser/device.
  • Enabling Entra ID SSO does not limit your user from using other authentication methods.
  • Each NordPass user’s e-mail address must exactly match their Entra ID User Principal Name (UPN).

Follow these steps to enable and configure Microsoft SSO:

  1. Log in to the NordPass Admin Panel.
  2. Go to settingsauthenticationsingle sign-on.
  3. Toggle Microsoft Entra ID to on.



  4. Switch to Microsoft Entra ID SSO only or keep both methods active.



    Note: If you prefer your users to use Microsoft SSO instead of creating a NordPass Business Account password, we recommend turning email & password off under Business Account. Be aware that any user who cannot sign in with Entra ID SSO cannot access their NordPass Business Account while this option is disabled.

  5. Log out of your NordPass account.
  6. Head to the manage account section of your NordPass business account, and revoke your current user session.
  7. Sign back to NordPass Business Account using continue with Microsoft.
  8. Enter your Microsoft Credentials if needed.
  9. When prompted, grant consent to the NordPass application on behalf of your organization. You must be a Global Administrator or Cloud Application Administrator to grant consent.

Once consent is granted, no further action is required in the Entra ID portal. NordPass automatically adds a NordPass OIDC SSO application to Enterprise Applications and maintains it for you.



The automated NordPass OIDC enterprise application is not designed for User and Group SCIM provisioning. If both OIDC SSO and SCIM provisioning are configured, two NordPass applications listed under Enterprise applications (Gallery application and custom application) are expected.

For guidance on setting up SCIM provisioning, please refer to this guide on how to set up user provisioning with Microsoft Azure AD

Was this article helpful?