Use On-Premise Active Directory Identities for
Single Sign-On (SSO) to Microsoft 365 & Cloud Applications

UserLock combines single sign-on with multi-factor authentication for secure and frictionless access to both network and cloud resources.

Start a free trial Book a Demo

One Active Directory Identity for All Access

Single Sign-On (SSO) from UserLock allows each user to log in only once (with optional MFA) using their existing on-premise Active Directory credentials to seamlessly access Microsoft 365 and other cloud resources, from wherever they work.

Reduce Complexity

Continue to use on-premises Active Directory as the single identity provider.

  • No need to create a new directory for user IDs
  • Effortlessly scale SSO across all Active Directory users
  • Streamline access to all cloud resources for improved user productivity

Enhance Security

Stop password sprawl from several different cloud applications.

  • Easily combine with MFA and session management
  • Leverage existing investment in Active Directory security
  • Keep authentication on-premises, even for remote user access

Secure Federated Authentication for Microsoft 365 & Cloud Applications

UserLock SSO supports SAML 2.0 protocol to enable federated authentication of Microsoft 365 and other software as a service (SaaS) apps hosted in the cloud. Users get secure and easy access to cloud resources with existing Active Directory credentials.

To view the video, please accept all cookies.

Easy to Install

Easily configure each cloud app directly from the UserLock console. An app that is currently not supported can still be protected with a customized configuration.

Read more about how to install UserLock SSO


Implement SSO quickly with no change or provisioning needed for existing access to locally-hosted resources and applications.

SSO Safeguards for Peace of Mind

Rest easy knowing that UserLock SSO allows automatic SSO certificate rollover protection and SSO disaster recovery to limit possible interruptions.

Learn how to configure UserLock SSO backup servers

Learn how to configure automatic renewal of SAML certificates

Combine SSO With Granular MFA & Contextual Security

Optimize security by combining SSO with MFA.
With UserLock, granular MFA and contextual security at login provides the SSO protection you need without unnecessarily impeding employees.

  • Customize MFA conditions to ensure less friction for users
  • Choose between authenticator apps and tokens like YubiKey and Token2
  • Use the context of users’ authentication attempts to further secure all user access

More about MFA

Track and Report on All Cloud Sessions

One central dashboard shows the real-time status of SSO connections at a glance. This includes information about logons and denied logons, as well as:

  • Username
  • Application name
  • Date and time of the event
  • Session event type
  • Source IP address

Get the UserLock Web App

Monitor and respond to network sessions quickly, easily, and from anywhere with the UserLock Web App.


New UserLock Web App
For users UserLock SSO acts as a powerful productivity tool. For IT teams it allows us to quickly but securely offer SSO across a hybrid environment.
Augustine Woo Techsolve MSP

Simple & Secure Single Sign-On for Hybrid Environments

Enjoy the benefits of using the cloud, but struggle to secure access to on-premises and cloud resources in a hybrid environment?

With UserLock SSO, you can keep Active Directory as your identity management solution – while extending it to streamline and secure access to your organization's cloud apps. Combined with granular MFA, UserLock SSO provides easy-to-use, cost-effective security.