MicrosoftDocs
diff --git a/‎articles/defender-for-iot/organizations/TOC.yml
Lines changed: 3 additions & 0 deletions b/‎articles/defender-for-iot/organizations/TOC.yml
Lines changed: 3 additions & 0 deletions
diff --git a/‎articles/defender-for-iot/organizations/legacy-central-management/manage-users-on-premises-management-console.md
Lines changed: 1 addition & 1 deletion b/‎articles/defender-for-iot/organizations/legacy-central-management/manage-users-on-premises-management-console.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎articles/defender-for-iot/organizations/manage-users-overview.md
Lines changed: 8 additions & 4 deletions b/‎articles/defender-for-iot/organizations/manage-users-overview.md
Lines changed: 8 additions & 4 deletions
diff --git a/‎articles/defender-for-iot/organizations/media/create-application-id.png
273 KB b/‎articles/defender-for-iot/organizations/media/create-application-id.png
273 KB
diff --git a/‎articles/defender-for-iot/organizations/media/set-up-sso/api-permissions.png
305 KB b/‎articles/defender-for-iot/organizations/media/set-up-sso/api-permissions.png
305 KB
diff --git a/‎articles/defender-for-iot/organizations/media/set-up-sso/apply.png
18.4 KB b/‎articles/defender-for-iot/organizations/media/set-up-sso/apply.png
18.4 KB
diff --git a/‎articles/defender-for-iot/organizations/media/set-up-sso/authentication.png
321 KB b/‎articles/defender-for-iot/organizations/media/set-up-sso/authentication.png
321 KB
diff --git a/‎articles/defender-for-iot/organizations/media/set-up-sso/create-application-id.png
157 KB b/‎articles/defender-for-iot/organizations/media/set-up-sso/create-application-id.png
157 KB
diff --git a/‎articles/defender-for-iot/organizations/media/set-up-sso/permissions-management.png
82.4 KB b/‎articles/defender-for-iot/organizations/media/set-up-sso/permissions-management.png
82.4 KB
diff --git a/‎articles/defender-for-iot/organizations/media/set-up-sso/register-application.png
230 KB b/‎articles/defender-for-iot/organizations/media/set-up-sso/register-application.png
230 KB
@@ -249,6 +249,9 @@
         displayName: users, user
       - name: Audit user activity
         href: track-user-activity.md
+      - name: SSO for sensor console login
+        href: set-up-sso.md
+        displayName: users, user
     - name: Maintain OT on-premises resources
       items:
       - name: Enhance device data and detection
 
@@ -122,7 +122,7 @@ Configure an integration between your on-premises management console and Active
 
 For example, use Active Directory when you have a large number of users that you want to assign Read Only access to, and you want to manage those permissions at the group level.
 
-For more information, see [Active Directory support on sensors and on-premises management consoles](../manage-users-overview.md#active-directory-support-on-sensors-and-on-premises-management-consoles).
+For more information, see [Microsoft Entra ID support on sensors and on-premises management consoles](../manage-users-overview.md#microsoft-entra-id-support-on-sensors-and-on-premises-management-consoles).
 
 **Prerequisites**: This procedure is available for the *support* and *cyberx* users only, or any user with an **Admin** role.
 
 
@@ -27,13 +27,13 @@ Sign into the OT sensors to [define sensor users](manage-users-sensor.md), and s
 
 For more information, see [On-premises users and roles for OT monitoring with Defender for IoT](roles-on-premises.md).
 
-### Active Directory support on sensors and on-premises management consoles
+### Microsoft Entra ID support on sensors and on-premises management consoles
 
-You might want to configure an integration between your sensor and Active Directory to allow Active Directory users to sign in to your sensor, or to use Active Directory groups, with collective permissions assigned to all users in the group.
+You might want to configure an integration between your sensor and Microsoft Entra ID to allow Microsoft Entra ID users to sign in to your sensor, or to use Microsoft Entra ID groups, with collective permissions assigned to all users in the group.
 
-For example, use Active Directory when you have a large number of users that you want to assign **Read Only** access to, and you want to manage those permissions at the group level.
+For example, use Microsoft Entra ID when you have a large number of users that you want to assign **Read Only** access to, and you want to manage those permissions at the group level.
 
-Defender for IoT's integration with Active Directory supports LDAP v3 and the following types of LDAP-based authentication:
+Defender for IoT's integration with Microsoft Entra ID supports LDAP v3 and the following types of LDAP-based authentication:
 
 - **Full authentication**: User details are retrieved from the LDAP server. Examples are the first name, last name, email, and user permissions.
 
@@ -44,6 +44,10 @@ For more information, see:
 - [Configure an Active Directory connection](manage-users-sensor.md#configure-an-active-directory-connection)
 - [Other firewall rules for external services (optional)](networking-requirements.md#other-firewall-rules-for-external-services-optional).
 
+### Single sign-on for login to the sensor console
+
+You can set up single sign-on (SSO) for the Defender for IoT sensor console using Microsoft Entra ID. With SSO, your organization's users can simply sign into the sensor console, and don't need multiple login credentials across different sensors and sites. For more information, see [Set up single sign-on for the sensor console](set-up-sso.md).
+
 ### On-premises global access groups
 
 Large organizations often have a complex user permissions model based on global organizational structures. To manage your on-premises Defender for IoT users, use a global business topology that's based on business units, regions, and sites, and then define user access permissions around those entities.