If your organization uses Microsoft Entra ID (formerly Azure Active Directory) for identity management, you should configure Single-Sign On (SSO) with ActivityInfo and your Entra directory.
Read more about why Single Sign On is important for securing your organization’s data.
Step 1: Test a single account
Before starting this step, you must already have an account with ActivityInfo using an email address linked to your organization’s Entra directory.
Navigate to the following link:
https://www.activityinfo.org/login/connectSSO/microsoft
You should be redirected to the Microsoft Sign In page:
Enter your email and password, and click “Next”
You should receive a success message. From now on, you will log in through your Google Workspace account rather than entering an ActivityInfo-specific password.
Step 2: Setting up a domain policy
Once you have confirmed that users can login through their Google Workspace account, contact support@activityinfo.org to request a domain policy for your email domain. This require all new users with the email domain to login through their Entra ID account from the start.
Step 3: Migrating existing users to SSO
Setting a domain policy does not automatically migrate existing accounts from your organization to use SSO. Migrating existing users to a new means of logging in requires careful planning and communication. Many users are (rightly) suspicious of sudden changes to log in procedures, and may disregard email notifications from ActivityInfo as phishing emails.
Follow the steps in the Migrating existing users to SSO guide to proceed.
Troubleshooting: administrator approval
In some cases, your IT department may not allow third-party applications to authenticate through your Entra directory without prior approval.
In this case, contact your IT department to ask them to authorize the following application:
| Display name | ActivityInfo |
| Application (client) ID | 367543a8-ef81-4791-a4cc-5ff6a91ec9d1 |
| Object ID | 5cc45d80-593b-4a26-900d-832874338bf6 |
| Application ID URI | api://367543a8-ef81-4791-a4cc-5ff6a91ec9d1 |
You can approve the application directly using this URL template:
https://login.microsoftonline.com/{tenantId}/adminconsent?client_id=367543a8-ef81-4791-a4cc-5ff6a91ec9d1
Replace {tenantId} with your organization’s domain name.