search

Single Sign-On (SSO) Authentication

DevArmor supports social authentication through enterprise identity providers, allowing users to sign in securely using their existing accounts.

Currently supported providers:

  • Google

  • Microsoft

This allows organizations to simplify user access while leveraging their existing identity and access management policies.

Provider
Authentication Method

Google

OAuth 2.0 (Google Sign-In)

Microsoft

OAuth 2.0 / Microsoft Identity Platform

Users can authenticate using their existing Google Workspace or Microsoft accounts without needing to create a separate DevArmor password.

hashtag
How Users Sign In

  1. Navigate to the DevArmor login page: https://app.devarmor.com/sign-inarrow-up-right

  2. Select one of the available sign-in options:

    • Sign-in with Google

    • Sign-in with Microsoft

  3. Authenticate with your identity provider

  4. After successful authentication, you will be redirected to DevArmor

If it is the user’s first time signing in, reach out to [email protected] to request a new account to be created. Alternatively, contact your organization's admin and they will be able to create an account for you on DevArmor platform.

hashtag
Admin Guidance for Organizations

Organizations using Google Workspace or Microsoft Entra ID (Azure AD) can allow their users to sign in with their existing accounts.

Recommended best practices:

  • Require employees to use their corporate Google or Microsoft accounts

  • Enforce authentication policies through your identity provider (MFA, device policies, etc.)

  • Disable personal email domains if your organization restricts them

Authentication policies (such as MFA requirements) are controlled directly within your identity provider.

hashtag
Enabling Microsoft Login for Your Organization

To allow your team to sign in to DevArmor using their Microsoft accounts, an Azure AD administrator at your organization needs to complete a one-time setup.

hashtag
What you need

  • An Azure Active Directory tenant (any Microsoft 365 or Azure subscription includes one)

  • An account with the Global Administrator or Cloud Application Administrator role

hashtag
Steps

1. Grant admin consent

Grant admin consent to the DevArmor application in your tenant by visiting the following URL while signed in as an administrator:

You will be prompted to review and approve the permissions DevArmor requests (openid, email, profile). These are read-only and used only for authentication.

2. Share your Tenant ID

Share your tenant ID with your DevArmor contact. You can find it in the Azure Portal under:

Azure Active Directory → Overview → Tenant ID

That's it! DevArmor handles the rest of the configuration on our end. Once complete, your users can sign in with their existing Microsoft credentials.

Notes

  • Only organizational accounts (e.g. [email protected]) are supported. Personal Microsoft accounts (@outlook.com, @hotmail.com) cannot be used.

  • Individual users do not need to install anything or create a new account.

hashtag
Troubleshooting Login Issues

hashtag
User cannot log in

Verify the following:

  • The user is signing in with the correct Google or Microsoft account. Specifically, make sure they are using the same email address (including domain) as registered in DevArmor.

  • The browser allows authentication redirects

  • The user has permission to access DevArmor within your organization.

hashtag
Account created with the wrong provider

If a user accidentally signs up using a different authentication provider (for example Google instead of Microsoft):

  1. Contact your DevArmor administrator

  2. The admin can update the account or merge identities if needed

hashtag
Authentication fails during login

Common causes include:

  • Browser extensions blocking redirects

  • Expired identity provider sessions

  • Organization-level login restrictions

Recommended fixes:

  • Try logging in again

  • Use a private browser window

  • Clear browser cookies for Google or Microsoft authentication

hashtag
Security Considerations

DevArmor does not store user passwords when using social authentication.

Authentication security is handled by the identity provider:

  • Google authentication is managed by Google Identity Services

  • Microsoft authentication is managed by Microsoft Identity Platform

Organizations should configure security policies (such as multi-factor authentication) directly within their identity provider.

hashtag
Support

If your team encounters authentication issues, contact:

DevArmor Support: [email protected]

Include the following information when reporting issues:

  • User email address

  • Identity provider used (Google or Microsoft)

  • Timestamp of the login attempt

  • Screenshot of any error messages

PreviousHow to get startedNextThreat Modeler

Last updated

Was this helpful?