SSO Integration

Microsoft 365 SSO and Azure AD Integration

Peoplifi supports enterprise-grade SAML 2.0 SSO with Microsoft 365 and Azure AD (now Entra ID). SCIM-based user provisioning keeps Peoplifi in sync with your Entra directory automatically, and approved time-off syncs to employee Outlook calendars. Group-based role mapping lets you control Peoplifi permissions from Azure AD.

Try Peoplifi Free for 7 Days

How it works

  1. IT admin creates an Enterprise Application in Azure AD using the Peoplifi template
  2. SAML 2.0 is configured with Peoplifi's ACS URL and Entity ID
  3. SCIM provisioning is enabled, syncing users and groups from Azure AD to Peoplifi
  4. Employees sign in at peoplifi.com/login → Continue with Microsoft
  5. Time-off approvals push events to each employee's Outlook calendar

Features

SAML 2.0 SSO with Microsoft 365 / Azure AD / Entra ID
SCIM 2.0 automated user provisioning and deprovisioning
Group-based role mapping (Azure AD group → Peoplifi role)
Outlook calendar sync for approved time-off
Entra ID conditional access supported (MFA, compliant device, named locations)
Enterprise logs for SSO events (SAML assertions, SCIM changes)

Setup Guide

  1. In Azure AD, go to Enterprise Applications → New Application and search for Peoplifi
  2. Configure SAML: Peoplifi provides the ACS URL and Entity ID on the setup screen
  3. Upload the Azure AD SAML metadata XML into Peoplifi
  4. Enable SCIM provisioning and paste the Peoplifi tenant URL + bearer token into Azure AD
  5. Assign users or groups to the Peoplifi app in Azure AD
  6. Test SSO by signing in from peoplifi.com/login with Continue with Microsoft

Frequently Asked Questions

Is SCIM required or optional?

Optional. You can run SAML-only SSO without SCIM, but SCIM is strongly recommended for organizations with frequent joiner/mover/leaver events — it eliminates manual user management in Peoplifi.

Does this support Entra ID conditional access?

Yes. Peoplifi respects all Entra ID conditional access policies: MFA requirements, compliant device checks, and named location restrictions all flow through the SAML assertion.

Can we restrict access to specific Azure AD groups?

Yes. In Azure AD, assign only specific users or groups to the Peoplifi Enterprise Application. Only those users will be provisioned into Peoplifi.

Ready to connect Microsoft 365 to Peoplifi?

Start free 7-day trial