Migrating existing logins to federated (SSO)
When adding an SSO connection such as Azure AD or SAML2, the existing users are not affected. At the moment, it is not possible for the same email address to have mixed access to both SSO and non-SSO accounts. Therefore, in order to migrate existing users to log in to the platform via SSO, the administrator(s) must first remove the linked non-SSO users from all accounts in question.
In order to best deal with this, either use an already existing admin account, or create a "migration" account with admin rights and delegate all media for the to-be SSO users to said admin account, as you otherwise cannot remove the non-SSO user.
Go to "Settings" > "Users" > "Actions" and then use the "Reassign" action to assign the media to another user.
However, the remaining login without access to any accounts will still stay as a non-SSO one as it used to be before, leading to the non-SSO login page.
Keeping one admin user with a non-SSO login is recommended, in case of disturbances to the SSO.
In order to log in via an SSO provider instead, proceed to the SSO-specific login page for the account in question.
Azure AD
Simply click on the Sign in with Microsoft button to proceed:
SAML2
Login via the SSO URL for your SAML2 connection. The URL can be found in Console, Settings ➜ Integrations ➜ Single Sign-on:
Once you have successfully logged in via SSO, your login will be converted to a federated one, and you will be able to use the login screen as usual. However, a direct URL might still be more convenient for SAML2 users, as the browser may be able to supply your SAML2 credentials without even needing to manually type in your email address.