In my quest to enhance productivity and streamline user experiences within a corporate environment, I explored how to implement single sign-on (SSO) with Mozilla Firefox. This article dives into the seamless integration of SSO for Entra ID, formerly known as Azure AD, in Firefox.

Transitioning from the default settings in Mozilla Firefox, where you're required to manually enter both your username and password during login, to a smooth SSO experience can significantly improve your workflow. In this guide, I'll walk you through the steps to configure Firefox for Entra ID SSO.

Table of Contents

Setting up Mozilla Firefox for SSO

Mozilla Firefox, starting from version 91, has embraced the era of Single Sign-On. To get started, follow these straightforward steps to enable SSO for Microsoft, work, and school accounts on your Firefox browser:

  1. Manual Configuration
    Every user has the ability to set the setting "Allow Windows single sign-on." by them selves.
  2. Intune Central Configuration
    For a more elegant and centralized approach, use Intune. You have two options: the OMA-Uri method or the ADMX import. I recommend the ADMX import, which provides a visually appealing guideline.

Manually configure Windows SSO for Mozilla Firefox

All you have to do is select the "Allow Windows single sign-on for Microsoft, work, and school accounts" activate. You can do this either manually under "Settings > Privacy & Security > Logins and Passwords" do:

Firefox, Allow Windows single sign-on for Microsoft, work, and school accounts

Leveraging ADMX Templates in Intune

Intune empowers you to import classic ADMX templates, ensuring a smooth configuration process.
Here's how to do it:

1. Download the latest ADMX files from Mozilla:

Mozilla publishes it' ADMX Templates on GitHub:
mozilla/policy-templates (github.com)

2. Import the Templates in Intune

Devices > Configuration profiles > Import ADMX … + Import

First we upload the Mozilla ADMX and ADML file here.
It is important that you use the ADML files in each case en-US version use.

Mozilla ADMX Upload

Once this is uploaded you can also upload the Firefox ADMX and ADML:

Firefox ADMX Upload

Finally you will see both packages as a template in the overview.

Mozilla Firefox ADMX Templates Intune

If you are experiencing an error like "NamespaceMissing:Microsoft.Policies.Windows", first follow this guide: How to Resolve NamespaceMissing:Microsoft.Policies.Windows Error in Intune | scloud

3. Creating the SSO Policy

With the template files in place, it's time to create the policy for Windows SSO in Firefox. Follow these steps:

  1. Navigate to:
    Devices > Windows > Configuration profiles ... + Create profile 
  2. Choose:
    • Windows 10 and later
    • Templates
    • Imported Administrative template profile
  3. Search for "Windows SSO" within the policy settings, select and set it to "Enabled".

Intune, Firefox SSO

You then assign the policy to a group and after successful application, Firefox supports SSO with your Windows / Entra ID Account.

Conclusion

In conclusion, enabling Entra ID SSO in Mozilla Firefox is a strategic move to enhance productivity and streamline the user experience in a corporate setting. Whether you opt for manual configuration or leverage Intune with ADMX templates, the result is a beautifully integrated SSO system that will transform the way you work with Firefox. Say goodbye to the hassle of entering usernames and passwords each time you log in.

Leave a Reply

Your email address will not be published. Required fields are marked *

Florian Salzmann
Senior Workplace Consultant @UMB AG

Stay in the Loop with My Monthly Newsletter!