Summary
The RPM Platform allows users to link their RPM user to a Microsoft account using Sign in with Microsoft. Any Microsoft account can be used including accounts managed under an Azure Active Directory (AAD) or what Microsoft sometimes calls a Work or School Account. For these accounts the AAD may be configured to require organizational approval before non-admin users can use their sign in to access other sites, like the RPM products (Lighthouse, Cube, Quartz, and Telco).
Administrator's Set Up
The first time a user tries to sign in to Microsoft from an RPM product that is new to their organization they may encounter an error about admin approval like this from Microsoft:
The solution is to have AAD administrator from that organization grant access to the application one time. There are two primary ways to do this:
Option 1: Through Sign In With Consent
The admin may attempt the Sign in with Microsoft themselves from the appropriate RPM brand sign in page. They don’t have to actually have an RPM user or complete the RPM part of the sign in, they simply need to complete the Microsoft part and check the box to also Consent on behalf of your organization:
Option 2: Through the Azure Portal
In the Azure portal under App Registrations, bring up the appropriate RPM Application (Lighthouse HSE, Cube DMS, Quartz QMS or RPM Telco) and select Permissions. There is a link that grants the same admin consent as above.