Single sign-on (SSO) is a method of allowing a user to access multiple applications or platforms with a single sign-on.
| Info |
|---|
Sidebar dropdown → Organisation → OIDC SSO Connection |
Fill the fields under the OIDC SSO connection section
...
Example for Microsoft Active Directory
An App needs to be created from your Azure portal, you can call it Feedier.
Under API permissions, make sure to enable: Microsoft Graph
...
...
openid
...
roles
...
User.Read
...
| Table of Contents | ||
|---|---|---|
|
Introduction
| Info |
|---|
This guide outlines the steps to set up Single Sign-On (SSO) for Feedier using Azure as an example. Register a new application in the Microsoft Entra admin center, configure authentication and API permissions, and define any required app roles. Finally, review the settings and test the integration to ensure successful authentication. |
Steps To Create The SSO Application (Example:Azure)
1. Access Azure Portal
Navigate to the Microsoft Entra admin center.
...
2. Register Application
Click on Applications => App registrations (1)=> Then click New registration (2)
...
3. Configure Application Registration
Name : Enter a descriptive name for your application (e.g., "Feedier SSO").(1)
Supported account types: Choose the appropriate option based on your requirements (e.g., single tenant). (2)
Redirect URI: (3)
Select Web and enter the Redirect URL provided by Feedier => HTTPS://dashboard.feedier.com/auth/oidc/callback?organizationId={Organization ID in Feedier}
Then, in the organization settings:
URL name | Typical URL |
Discovery Endpoint | https://login.microsoftonline.com/{tenant_id}/v2.0/.well-known/openid-configuration |
Authorization Endpoint | https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/authorize |
Userinfo Endpoint | |
Token Endpoint | https://login.microsoftonline.com/{tenant_id}/oauth2/v2.0/token |
Base URL | https://login.microsoftonline.com/{tenant_id}/v2.0 |
The IDs and URLs with your custom ID can be found directly in the tool you want to use for SSO (e.g. Microsoft, Okta,...).
For further reading, here’s an example of adding an OpenID Connect-based single sign-on application:
...
Click Register (4)
4. Set Up Authentication
After creating the app registration, navigate to Authentication. (1)
Ensure the redirect URI is correctly added.(2)
Set the appropriate Implicit Grant and Hybrid Flows if needed (typically, you’ll enable ID tokens for SSO). (3)
5. Configure API Permissions
Navigate to API permissions in the app registration.(1)
Click on Add a permission.(2)
Select Microsoft Graph.(3)
Select Delegated permissions (4)
Choose the necessary permissions for your application (e.g., User.Read, openid, email) by typing the permission name in the select permissions search bar.(5)=> finally you will find them under API/Permissions name
6. Assign Roles (if required)
Go to App roles in the application registration settings.(1)
Define the following roles as required by Feedier OIDC.
"editor": "Editor"
"admin": "Admin"
"viewer": "Reader"
"restricted_viewer": "ReaderRestrict"
Apply.
...
7. Finalize and Test
Review all settings to ensure everything is configured correctly.
Click on overview (1) => Endpoints (2) => List of endpoints and the Client ID to be used later to set up SSO on feedier
...
Go to Certificates & secrets (1) to get the clinet secret(2) to be used later on the OIDC configuration on feedier side
.png?version=1&modificationDate=1733930521114&cacheVersion=1&api=v2&width=746)
Now you need to communicate to Feedier these credentials :
Client ID
Client Secret
Discovery endpoint