How to let a group of users access a Salesforce Enterprise Application that is configured for SSO using Microsoft Entra ID

Mohammed Hasim 0 Reputation points
2024-04-30T13:22:58.9766667+00:00

I'm a beginner at Microsoft Entra ID, but I have successfully configured SSO for the Salesforce application. Now I can make the Microsoft entity user log in to Salesforce with the help of Microsoft account credentials instead of Salesforce credentials.

However, I'm facing issues when I try to access Salesforce with other users created in Microsoft Entra ID.

To make it practically simple, imagine it this way.

UserA - whose identity is MicrosoftAccount

I have created two other users in Microsoft Entra ID say UserB and UserC, and now I want to provide the users access to the Salesforce Application through Microsoft Entra ID.

How should I do that, and what role should I assign to the users so that they can access Salesforce through Microsoft Entra ID SSO?

Help me solve the issue I'm facing.


2 answers

  1. Andy David - MVP 142.6K Reputation points MVP
    2024-04-30T13:28:41.0766667+00:00

    Typically you would require user assignment to the app, then assign the users or groups that are allowed.

    To do this:

    In the Azure portal, require assignment under the app properties:

    Then assign the users or groups

    Note that nested groups will NOT work!

    https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/assign-user-or-group-access-portal?pivots=portal

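
The portal steps from the answer above, scripted with Microsoft Graph PowerShell as an added example (not part of the original answer or of Microsoft's documentation). It assumes the Microsoft.Graph module is installed and that the enterprise app's display name is `Salesforce`; the group name `Salesforce-Users` and role name `User` are constructed placeholders. The last check reports nested groups, whose members do not receive access through the parent group's assignment.

```powershell
# Added example: require assignment, assign one group, flag nested groups.
$appName   = 'Salesforce'        # assumed display name of the enterprise app
$groupName = 'Salesforce-Users'  # placeholder security group holding UserB, UserC
$roleName  = 'User'              # placeholder; only used if the app defines roles

Connect-MgGraph -Scopes 'Application.ReadWrite.All',
                        'AppRoleAssignment.ReadWrite.All', 'Group.Read.All'

$sp    = Get-MgServicePrincipal -Filter "displayName eq '$appName'"
$group = Get-MgGroup -Filter "displayName eq '$groupName'"
if (@($sp).Count -ne 1 -or @($group).Count -ne 1) {
    throw 'Expected exactly one service principal and one group; refine the filters.'
}

# 1. "Assignment required": only assigned users and groups can sign in to the app.
Update-MgServicePrincipal -ServicePrincipalId $sp.Id -AppRoleAssignmentRequired:$true

# 2. Choose the app role. With no roles declared, the all-zero default role is used.
$roles  = @($sp.AppRoles | Where-Object { $_.IsEnabled -and $_.AllowedMemberTypes -contains 'User' })
$roleId = if ($roles.Count -eq 0) { '00000000-0000-0000-0000-000000000000' }
          else { ($roles | Where-Object DisplayName -eq $roleName | Select-Object -First 1).Id }
if (-not $roleId) {
    throw "Role '$roleName' not found. Available: $($roles.DisplayName -join ', ')"
}

# 3. Assign the group to the app unless it is already assigned.
$assigned = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All
if (-not ($assigned | Where-Object PrincipalId -eq $group.Id)) {
    New-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id `
        -PrincipalId $group.Id -ResourceId $sp.Id -AppRoleId $roleId | Out-Null
}

# 4. Nested groups do not inherit the assignment: report any group-in-group members.
Get-MgGroupMember -GroupId $group.Id -All |
    Where-Object { $_.AdditionalProperties['@odata.type'] -eq '#microsoft.graph.group' } |
    ForEach-Object {
        Write-Warning ("Nested group '{0}' is a member of '{1}'; its members are NOT granted access." -f
            $_.AdditionalProperties['displayName'], $groupName)
    }

# 5. Review who can now reach the app (useful as a periodic access audit).
Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Select-Object PrincipalDisplayName, PrincipalType, AppRoleId
```

Any group reported in step 4 has to be assigned to the app directly, or its users moved into the assigned group.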

  2. James Hamil 22,096 Reputation points Microsoft Employee
    2024-05-07T21:58:19.71+00:00

    Hi @Mohammed Hasim, to provide access to Salesforce through Microsoft Entra ID SSO for UserB and UserC, you need to create an access package in Azure AD entitlement management and add Salesforce as a resource to it. Then, you can assign the access package to UserB and UserC.

    Please let me know if you have any questions and I can help you further.

    If this answer helps you, please mark "Accept Answer" so other users can reference it.

    Thank you,

    James
