Alias Login for 365 SSO
This guide will take you through granting permissions to allow SSO using an alias for Microsoft 365.
To approve app permissions you will need either 'Privileged Role Administrator' or adding to admin consent requests in 'identity' within 365 Admin.
- Before starting, ensure you are using an account that can approve permissions on behalf of your org or a global admin account.
- Using an 'incognito/InPrivate' web browser, open the following link: Boxphish
- Once on the Boxphish portal, click 'Sign in with Microsoft' ensuring you are using your admin credentials as they appear on the Boxphish portal. This will be the same email used to create the allow listing and user imports prior. (If the global admin account doesn't have portal access, this can be added upon request).
- The permission for SSO should look like the following:
- Click 'Accept' and this will approve the permissions and add the application within Entra for you to view.
- Within Entra the permissions for the SSO app should look like the below, this confirms that SSO is setup for your organisation.
You can test this by closing your Incognito/ InPrivate window and logging in with an alias account on the Boxphish portal.
