Skip to main content

Getting started with SSO - Microsoft Entra ID

Single sign-on allows you to login using your company credentials. Visla Single Sign-On(SSO) is based on OIDC (OpenID Connect).

Updated over a week ago

Config on your SSO provider

Navigate to Microsoft Entra ID

In Microsoft Entra ID, click “Applications”, “App registrations“, then click “New registration“.

Register the Application

The application name is for your reference only — pick something that fits your organization. For supported account types, choose either single-tenant or multi-tenant, depending on your organization's setup. Select Web as the type for the redirect URL, and paste https://app.visla.us/sso?appId=xxxxxxxxx, which you copied from Visla.

Click Register.

Continue Adding Redirect URIs

Select the application you just registered. Click Authentication, then click Add URI under “Web / Redirect URIs“. Enter https://app.visla.us/sso-logout, which can be found in Visla’s SSO settings page.

Now, click Add a platform and then Mobile and desktop applications.

Enter visla://oidc_callback as the Custom Redirect URI and click Configure to save. After doing this, the GUI will look like the following. So 3 URIs in total need to be added.

Configure Application Credentials

Create a new Client secret and copy it into Visla’s OIDC setup panel, within the Secret input. Don't turn on “Enable Single Sign-On” just yet, we still need to get the Client ID and Issuer URL for your application.

Warning: You will need to generate a new client secret before it expires.

Client ID and Issuer URL

To complete your configuration, you need two more pieces of information. You can find both in the application's Overview section.

  • Copy the Application (client) ID into the Client ID field in Visla.

  • Under Endpoints, copy the part in front of .well-known/openid-configuration in OpenID Connect metadata document URL to the Issuer URL field In Visla.

Your Visla OIDC configuration should now look similar to the example below. Turn on Enable Single Sign-On to activate SSO.

Did this answer your question?