Law Cyborg supports Single Sign-On (SSO) via Microsoft Entra ID, using the OpenID Connect (OIDC) protocol.

This lets your users sign in to Law Cyborg with their existing Microsoft work accounts, no password required.

Once SSO is enabled for your organisation:

No per-user provisioning is required.
Any user in your Microsoft tenant can sign in once your IT admin has completed setup.

If your organisation uses Conditional Access policies, an application allowlist, or requires verification before granting admin consent, you can use the following details to identify the Law Cyborg application in Microsoft Entra:

Law Cyborg requests a small set of delegated permissions only, the app can only access the logged in user's own data while they are actively signing in.

Law Cyborg does not request any application permissions.
This means it cannot access your directory, read other users' data, or take any action without a user actively present.

Law Cyborg stores only the minimum information needed to identify your account across sessions:

Law Cyborg does not store access tokens, refresh tokens, passwords, or any other Microsoft data.

Enabling Microsoft SSO for your organisation takes two steps:

A Global Administrator in your Microsoft Entra tenant needs to grant consent to the Law Cyborg application. This is a standard one-time approval that allows users in your organisation to sign in.

You can do this by visiting the Law Cyborg login page, clicking "Sign in with Microsoft", and completing the admin consent prompt when it appears. You only need to do this once.

Once admin consent is granted, send your Microsoft Tenant ID to the Law Cyborg support team. You can find this in the Azure Portal → Microsoft Entra ID → Overview page.

Our team will configure the SSO mapping on our side. This typically takes one business day. Once confirmed, your users can sign in immediately.

Not currently. Law Cyborg uses OIDC (OpenID Connect), which is the modern successor to SAML and is supported by Microsoft Entra, Okta, Google Workspace, and all major identity providers. The end-user experience is identical — users click "Sign in with Microsoft" and authenticate with their usual credentials.

If SAML is a hard requirement for your organisation due to a specific compliance policy, please get in touch and we can discuss your situation.

No. The only permission that touches user data is User.Read, which is a delegated permission — it can only read the profile of the person who is actively signing in. Law Cyborg has no access to other users, groups, emails, calendars, or any other tenant-wide resources.

No. All permissions are delegated. Application permissions (which allow an app to act without a user present and can access tenant-wide data) are not requested by Law Cyborg.

When a user's Microsoft account is disabled or removed, they will no longer be able to sign in to Law Cyborg via SSO. Their existing Law Cyborg account and data are not automatically deleted — please contact support if you need an account removed.

If your organisation has SSO enabled, users will still see the "Sign in with Microsoft" option. Password-based login remains available unless you specifically request that it be disabled for your domain. Contact us if you'd like password login disabled for your organisation.