There is no license requirement for users ( Members or guests) to create or logon to a SSO application. The application itself may have license requirements, but the access itself is not licensed: https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/add-application-portal-setup-sso#prerequisites When you say "non-active directory" , I assume you mean guests in Azure? As far as the lack of an email, an email is not required for SSO. Your app can use UserPrincipalName or any ohter unique value to auth and if it requires an email address , you could add the SAML claim in the Azure app to set UPN to EMail as a workaround for example.
Non-active directory users need authentication/SSO
Olivia Escalle
0
Reputation points
Hi - Im looking for a license type or service provided that satisfies the ability to have non-active directory employees (ie: seasonal or temp employees) logging into an application via SSO. is there a way to do this so that you do not have a full O365 license per user (they don't have an email), and you can provision the account based off role type. Thanks