Strong identity and
access management

Single Sign-On via Microsoft Entra ID

MyDesk supports Single Sign-On (SSO) via Microsoft Entra ID (formerly Azure Active Directory). Customers can integrate MyDesk directly with their existing identity provider, so users log in with their corporate identity.

The SSO integration supports SAML 2.0 and OpenID Connect and can be configured to enforce customer-specific access policies, including MFA and conditional access.

Multi-Factor Authentication (MFA)

MFA can be enforced via customer Entra ID policies. MyDesk supports passwordless authentication and modern authentication methods such as FIDO2 and Microsoft Authenticator.

Role-based access and least privilege

Access to the MyDesk platform is granted according to the least privilege principle. Internal employees only have access to the systems and data necessary for their work. Access is granted formally and reviewed regularly.

• No shared user accounts - individual accounts for all users
• Role-based access control (RBAC)
• Privileged Access Management (PAM) for administrative accounts
• Automatic deprovisioning upon resignation
• Regular access review
• Audit log of all administrative changes

Internal access management

MyDesk internal employees authenticate via Microsoft Entra ID with MFA as a requirement. Privileged accounts are subject to additional controls, including just-in-time access and authentication workflows.