Zero Friction uses the Microsoft Identity Framework as the default authentication mechanism. With the MIF, users can use their work account or Microsoft account, to access the platform, this is achieved via three options;

With Azure AD B2B collaboration, any work account that lives in an Azure Active Directory, can automatically, and free of charge, be used to access the Zero Friction platform. No additional action is required from Zero Friction. From an Azure AD Admin perspective, the source tenant should authorize the Zero Frictions' app registration to read user details. This is required to do once, after which users can access the platform.

Non-microsoft accounts that live in a B2B account directory (like Google Workplace or Okta), can be integrated with the Zero Friction Identity Framework. This is done by setting up a so-called 'SAML'-integration. This requires effort from both Zero Friction as the B2B account directory owner, and is not standard.

Any e-mail address that does not live in an Azure Active Directory or another SSO provider like Google or Okta, should be registered as a Microsoft account. It's not possible to use personal/social accounts to access Zero Friction.

LDAP is a common technology used to use on-premise account directories with external systems. Since Zero Friction is a multi-tenant SAAS application, it is not possible to directly link the platform via LDAP to your account directory.

If SSO is required, you should set up an Azure AD and use AD Domain Services to link with your on-premise directory. This Azure AD directory can then be linked using B2B collaboration to the Zero Frictions' tenant. See LDAP authentication with Microsoft Entra ID | Microsoft Learn for more information.

Access to the platform is via invite-only. Customer Success is responsible for inviting users. Any user that has not gone through the invitation process sent out by Customer Success, will not be able to access Zero Friction Heat, even if the account lives in any of above 3 directory mechanisms.