Introduction
Zero Friction uses the Microsoft Identity Framework as its default authentication mechanism. With the MIF, users can use their work account or Microsoft account to access the platform. This is achieved through three options:
B2B collaboration
With Azure AD B2B collaboration, any work account in Azure Active Directory can access the Zero Friction platform automatically and free of charge. No additional action is required from Zero Friction. From an Azure AD administrator's perspective, the source tenant must authorize Zero Friction's app registration to read user data. This is a one-time process, after which users are granted access to the platform.
SAML integration
Non-Microsoft accounts located in a B2B account directory (such as Google Workspace or Okta) can be integrated with the Zero Friction Identity Framework by setting up a SAML integration. This requires effort from both Zero Friction and the owner of the B2B account directory and is not a standard feature.
Microsoft accounts
Any email address not in Azure Active Directory or another SSO provider like Google or Okta must be registered as a Microsoft account. It's not possible to use personal/social accounts to access Zero Friction.
LDAP integration
LDAP is a common technology used to connect local account directories to external systems. Because Zero Friction is a multi-tenant SaaS application, it's not possible to connect the platform directly to your account directory via LDAP. If SSO is required, you'll need to set up an Azure AD and use AD Domain Services to connect to your local directory. This Azure AD directory can then be linked to Zero Friction's tenant through B2B collaboration. For more information, see https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/auth-ldap.
Manage access to Zero Friction
Access to the platform is by invitation only. Customer Success is responsible for inviting users. Any user who has not completed the Customer Success invitation process will not have access to Zero Friction Heat, even if their account is in one of the three directory mechanisms listed above.
