There are a few ways an organisation can connect Mindjoy to Microsoft. Each one does a different thing, and they are easy to confuse because the buttons can look similar. This is a quick guide to what each one does, who needs to do what to set it up, and which one you actually want.
If you are looking for the equivalent on the Google side, see the Google Workspace For Education Integration and Google Classroom Integration articles.
Quick guide to who does what
There are three different "admin" roles that come up in this doc. They are not the same person:
Microsoft tenant admin (your school's IT team). This is the person who can sign into the Microsoft 365 admin centre and approve apps for your whole school. If your IT team is reading this for the first time, the Getting Started: IT Administrators and IT Administrator FAQ articles are good starting points.
Mindjoy organisation admin. This is someone in your school who has admin rights inside the Mindjoy platform. Often the same person as the IT admin, but not always. See Adding Admins and Organisation Settings.
Educator. A regular teacher signed into Mindjoy.
If you are not technical and you are reading this, the short version is: forward this to your IT team. The whole thing should take them under five minutes for the most common option.
Option 1: Microsoft Sign-In (authentication only)
This is the simplest option and most likely what you want. It lets your staff and students sign into Mindjoy by clicking "Continue with Microsoft" instead of typing an email and password.
What it does: Authenticates users against their Microsoft account. If their email matches an existing Mindjoy account, they sign in. If they have a pending classroom invitation, an account is created for them automatically.
What it does NOT do: It does not pull any class lists, Teams channels, student rosters, or any other data from your Microsoft tenant. It only confirms that the person is who they say they are.
What your IT team needs to do:
In most cases, nothing. Mindjoy uses a single shared Azure app registration that works across any Microsoft tenant, so your users can sign in straight away.
The one exception is if your tenant has been configured to restrict which third-party apps users can consent to. In that case:
The first user who tries to sign in will see a "needs admin approval" message instead of the usual sign-in.
Your tenant admin goes to the Microsoft admin centre, finds the request from "Mindjoy" in the app consent requests, and approves it.
After that, every user can sign in without seeing the prompt.
What your Mindjoy admin needs to do: Nothing. Microsoft sign-in is enabled on the platform by default.
Who can use it once set up: Both staff and students.
Option 2: Microsoft Teams sync (per-educator)
This is a different feature that happens AFTER an educator is signed in. It is not part of authentication.
What it does: Lets a single educator authorise Mindjoy to read their own Teams classes and student rosters from Microsoft Education. Their classes appear in Mindjoy, with the right students in each one.
What it does NOT do: Sign anyone in. The educator has to be already signed in to Mindjoy to set this up.
What your IT team needs to do: Nothing. Each educator does this for themselves.
What the educator needs to do:
The full step-by-step guide is in Connect Microsoft Teams for Education to Mindjoy. In short:
Sign into Mindjoy.
Go to their account integrations page and click "Connect Microsoft Teams".
Approve the permissions when Microsoft asks.
Their classes appear in Mindjoy.
For pulling specific student rosters into a classroom afterwards, see Import Students from Google Classroom or Microsoft Teams to Mindjoy.
Who uses it: Educators only, and only the ones who explicitly turn it on for themselves.
Option 3: Microsoft Teams sync (organisation-wide)
This is for schools that want every Education class in their tenant to appear in Mindjoy automatically, without each educator setting it up individually.
What it does: A tenant administrator grants Mindjoy permission to read all Education classes and student rosters across the organisation, in one go.
What your IT team needs to do:
The full walkthrough is in Connecting Microsoft Teams Admin Consent. The summary:
The Mindjoy organisation admin signs into Mindjoy and goes to Educator settings β Organisation β Integrations.
They click "Connect Microsoft Teams".
Mindjoy redirects them to Microsoft's admin consent screen.
They sign in as a Microsoft tenant admin and approve the permissions for the whole organisation.
Microsoft redirects back to Mindjoy and the connection is live.
After that, all Education classes in your tenant sync into Mindjoy with the right rosters. The general overview of how class sync works on Mindjoy is in the Classroom Sync Guide.
What your Mindjoy admin needs to do: Nothing additional. The flow above covers everything.
Who uses it: Configured once by an admin, then applies to everyone.
Domain restriction (recommended add-on)
For any of the options above, you can lock your Mindjoy organisation so that only email addresses on specific domains can sign in or have accounts created. For example, only @yourschool.edu addresses can join your Mindjoy organisation.
What it does: Blocks account creation and SSO sign-up for any email that is not on an authorised domain. Applies to every pathway: Microsoft SSO, Google SSO, manual signups, classroom joins, bulk invites.
For students specifically, this also enables one-click sign up. The full guide is in How to limit Student sign ups to your domain, and enable one-click student sign up.
What you need to do: Tell your Mindjoy contact which email domains to allow. We will configure it.
This is the cleanest way to enforce "only people from our school can have an account in our Mindjoy organisation" without needing to maintain custom restrictions on the Microsoft side.
Quick decision guide
Want | Use |
Just sign in with Microsoft, no class sync | Option 1 |
Sign in with Microsoft AND have my own Teams classes appear | Option 1 + Option 2 |
Sign in with Microsoft AND have all classes in our tenant appear automatically | Option 1 + Option 3 |
Restrict who can join our Mindjoy organisation | Add domain restriction to any of the above |
We use an LMS (Canvas, Moodle, Blackboard, Brightspace) and want Mindjoy embedded there | Use LTI 1.3 instead or alongside |
Things to know
Multi-factor authentication still applies. If your tenant requires MFA, users see the Microsoft MFA prompt during sign-in. Mindjoy does not bypass this.
No SAML support yet. Microsoft SSO works through OAuth 2.0 and OpenID Connect. SAML 2.0 is not currently available.
Options 2 and 3 require Microsoft Education licensing. The class roster data lives in the Education endpoint of Microsoft Graph and is only populated for tenants with Education plans. Option 1 works on any Microsoft tenant.
Domain restriction is the best way to enforce who can sign in. Locking the Microsoft tenant on the Azure app side is also possible but heavier to maintain. The domain restriction we set on our side covers all sign-in pathways consistently.
If you are not sure which option you need, the answer is almost always Option 1 plus a domain restriction. The Teams sync options are only worth turning on if you actually want classes to appear automatically.
Related articles
For IT administrators: - Getting Started: IT Administrators - IT Administrator FAQ - Organisation Settings
Microsoft Teams setup: - Connect Microsoft Teams for Education to Mindjoy - Connecting Microsoft Teams Admin Consent - Import Students from Google Classroom or Microsoft Teams to Mindjoy
Domain restriction: - How to limit Student sign ups to your domain, and enable one-click student sign up
Classroom sync (Microsoft and Google): - Classroom Sync Guide - Google Workspace For Education Integration - Google Classroom Integration - Connect Google Classroom to Mindjoy
LMS integration via LTI 1.3: - How LTI works on Mindjoy - Connecting Canvas with LTI 1.3 - Connecting Moodle with LTI 1.3 - Connecting Blackboard Learn with LTI 1.3 - Connecting Brightspace (D2L) with LTI 1.3
Mindjoy admin basics: - Adding Admins - How to invite Educators on the Mindjoy Platform