Subscribers that use Microsoft sign-in to access Zendesk services must secure their accounts by taking the steps outlined below. If at any time you are locked out of your account, you will be required to use ourSSO bypass featureto regain access.

Agents using Microsoft sign-in

Account administrators whose agents sign in with Microsoft must take one of the following actions to protect their accounts:

• Addyour company's Microsoft tenant IDto yourMicrosoft sign-in settings for team membersinside Zendesk Admin Center, OR
• Enable SAML-based SSOwith your company's Azure Active Directory Single Sign-On ("SSO")

End users using Microsoft sign-in

Account administrators whose end users sign in with their Azure Active Directory accounts must enableSAML-based Azure SSO. This step is not necessary if you permit end users to authenticate usingpersonalMicrosoft accounts (such as through Xbox, Teams for Life, or Outlook), or if you have enabled other authentication options (such as Zendesk passwords, Google, Facebook, or Twitter authentication).