Skip to content
Docs

Microsoft OAuth Login

Microsoft OAuth login allows you to sign in to Wintro using your existing Microsoft work or personal account. This is the simplest way to access Wintro with your Microsoft credentials — just click “Sign in with Microsoft” and authenticate.

Note: This is different from Microsoft Entra ID SSO, which uses SAML 2.0 and requires IT administrator setup. Microsoft OAuth login works out of the box for most users.

How It Works

Section titled “How It Works”
  1. On the Wintro login page, click Sign in with Microsoft
  2. You’ll be redirected to Microsoft’s login page
  3. Enter your Microsoft account credentials
  4. Grant Wintro permission to access your basic profile information
  5. You’re logged in to Wintro

Permissions Requested

Section titled “Permissions Requested”

When you sign in with Microsoft OAuth, Wintro requests the following permissions:

PermissionPurpose
View your basic profileTo display your name in Wintro
View your email addressTo identify your account and send notifications

These are read-only permissions. Wintro cannot modify your Microsoft account or access your emails, files, or other data.

Admin Approval Required

Section titled “Admin Approval Required”

Depending on your organization’s security settings, you may see an “Admin Approval Required” or “Need Admin Approval” message when trying to sign in.

This happens when your IT team has configured Microsoft Entra ID (Azure AD) to require administrator consent before users can sign in to third-party applications.

If You See This Message

Section titled “If You See This Message”
  1. Contact your IT administrator or Azure Global Admin
  2. Share the Wintro login page URL with them
  3. Ask them to grant consent for Wintro (see instructions below)
Section titled “For IT Administrators: Granting Consent”

If users in your organization are seeing the “Admin Approval Required” message, follow these steps to grant consent:

Option 1: Consent via the approval request

  1. Use any of the approval request links sent by your team members
  2. Sign in with your Azure Global Admin credentials
  3. Review the permissions Wintro is requesting
  4. Check the box to consent on behalf of your organization
  5. Click Accept

Option 2: Grant consent via Azure Portal

  1. Sign in to the Azure Portal as a Global Admin
  2. Navigate to Microsoft Entra ID > Enterprise applications
  3. Find “Wintro” in the list (it appears after any user attempts to sign in)
  4. Click on the Wintro application
  5. Go to Permissions in the left menu
  6. Click Grant admin consent for [Your Organization]
  7. Review and accept the permissions

Option 3: Pre-authorize Wintro

To prevent users from seeing the consent prompt entirely:

  1. In the Azure Portal, go to Microsoft Entra ID > Enterprise applications
  2. Click + New application > Create your own application
  3. Name it “Wintro” and select Register an application to integrate with Microsoft Entra ID
  4. After creation, go to Permissions and grant admin consent
  5. Optionally, go to Users and groups to restrict which users can access Wintro

Restricting Access to Specific Users

Section titled “Restricting Access to Specific Users”

After granting consent, you can control which users can sign in to Wintro:

  1. In the Azure Portal, open the Wintro enterprise application
  2. Go to Properties
  3. Set Assignment required? to Yes
  4. Go to Users and groups
  5. Add only the users or groups who should have access

Troubleshooting

Section titled “Troubleshooting”

“Admin Approval Required” message

  • Your organization requires IT admin consent. Contact your Azure Global Admin.

“You don’t have permission to access this application”

  • Your admin has restricted access. Ask them to add you to the Wintro application’s user list.

Login works but Wintro shows “User not found”

  • Your Microsoft account email may not match your Wintro account. Contact support@wintro.ai.

Redirect loop or blank page after login

  • Clear your browser cookies and try again
  • Try using an incognito/private browser window
  • Ensure pop-ups are allowed for wintro.app

When to Use OAuth vs. SAML SSO

Section titled “When to Use OAuth vs. SAML SSO”
FeatureMicrosoft OAuthMicrosoft Entra ID SSO (SAML)
AvailabilityAll plansEnterprise plan only
Setup complexityNone (works immediately)Requires IT configuration
Admin consentMay be required depending on org settingsAlways required
User provisioningManualCan use SCIM for automation
Conditional Access policiesLimitedFull support
Best forSmall teams, quick setupEnterprise, compliance requirements

For organizations that need advanced security controls, user provisioning, or compliance features, consider setting up Microsoft Entra ID SSO instead. SSO is available on our Enterprise plan — contact our sales team for details.