Connect TrainMeUK to Microsoft 365 (Single Sign-On)

What You'll Achieve

✅ Staff will log into TrainMeUK using their Microsoft 365 work account
✅ No extra passwords to remember or manage

👤 Who Should Do This

A Microsoft 365 administrator with Global Admin or Application Admin rights.

🔄 Step-by-Step Setup

1. In TrainMeUK

Go to: https://app.trainmeuk.co.uk/admin/settings → SSO & Provisioning
Copy the Redirect URI shown on screen (keep this page open — you'll paste it into Microsoft Entra ID later)

2. In Microsoft Entra ID

Go to entra.microsoft.com → App registrations → New registration
Enter:
- Name: TrainMeUK SSO
- Supported account types: Accounts in this organisational directory only (Single tenant)
- Redirect URI: paste the Redirect URI you copied from TrainMeUK
Click Register

3. Collect Details from Microsoft

From the app you just created in App registrations:

Copy the Application (client) ID → this will be your Client ID in TrainMeUK
Copy the Directory (tenant) ID → this will be your Tenant ID in TrainMeUK
Go to Certificates & secrets → New client secret → copy the secret value (you'll only see it once)

4. Turn On Sign-In Tokens

In Authentication, tick ID tokens
Click Save

5. Back in TrainMeUK

Paste the values you collected:
- Tenant ID → from Directory (tenant) ID
- Client ID → from Application (client) ID
- Client Secret → the secret value you created
Click Enable SSO → Save ✅

🧪 Test It

Log out of TrainMeUK
Click Sign in with Microsoft
Use a normal staff account → you should go straight in ✅

💡 Troubleshooting

"Needs admin approval"

A Microsoft admin must log in once to approve the connection.

Redirect error

Check the Redirect URI in TrainMeUK and Microsoft Entra ID match exactly.

Why Single Sign-On Matters

Single Sign-On (SSO) eliminates password fatigue and security risks while providing a seamless user experience. With Microsoft 365 integration, your staff can access their compliance training using the same credentials they use for email, Teams, and other Microsoft services.

Enhanced Security

Centralized authentication reduces password-related security risks and makes access management easier.

Better User Experience

Staff can access training without remembering additional passwords or going through complex login processes.

Reduced IT Support

Fewer password reset requests and login issues mean less burden on your IT support team.

Compliance Benefits

Centralized access control makes it easier to ensure all staff have appropriate training access.

Common SSO Configuration Issues

Frequent Setup Challenges

Redirect URI Mismatch

Ensure the Redirect URI in both systems matches exactly, including https:// and any trailing slashes.

Client Secret Expiration

Client secrets expire after a set period. Set a reminder to renew them before expiration.

Permission Issues

Ensure the app registration has the necessary API permissions for user authentication.

Tenant ID Confusion

Make sure you're using the Directory (tenant) ID, not the Application (client) ID for the Tenant ID field.

Security Best Practices

Keep Your SSO Secure

Store client secrets securely and never share them in plain text
Set appropriate secret expiration dates and renew them proactively
Monitor sign-in logs regularly for any unusual activity
Use conditional access policies to add extra security layers
Test SSO regularly to ensure it continues working after updates

What Happens After Setup

Once SSO is configured, your staff will experience a seamless login process. They'll click "Sign in with Microsoft" on the TrainMeUK login page, authenticate with their Microsoft 365 credentials, and be automatically logged into their training dashboard.

Ready to Set Up SSO?

Our team can help you configure Microsoft 365 SSO in under 30 minutes, with full support throughout the process.

Get Setup Support View More Guides