Azure AD SSO Setup
Superblocks single sign-on (SSO) with Azure Active Directory (Azure AD) lets your team seamlessly authentication and access Superblocks using their Azure AD credentials. This guide walks trhough how to configure single sign-on for Superblocks.
Prerequisites
To setup SSO for your organization, you'll need:
- An Azure AD tenant
- A user account with, at a minimum, Cloud application administrator access
- A Superblocks organization on the Enterprise plan
Setup Azure AD
Set up single sign-on for Azure AD by registering an application in the Azure portal. See Microsoft's Quickstart: Register an application with the Microsoft identity platform for full details.
Register an application
- Sign in to the Microsoft Entra admin center
- Navigate to Identity → Applications → App registrations
- Click + New registration
- Name the application
- Set Supported account types to Accounts in this organizational directory only
- Under Redirect URI select Web and enter
https://login.superblocks.com/login/callback
- Click Register
Setup authentication
After your app has been registered, configure authentication for the application.
- In App registrations select your new application
- Under Manage, select Authentication
- Set the Front-channel logout URL to
https://app.superblocks.com/logout
- Under Implicit grant and hybrid flows check the boxes for both Access tokens and ID tokens
- Save your configuration
info
For customers on Superblocks EU set the logout URL to https://eu.superblocks.com/logout
Add a client secret
Superblocks uses a client secret to authenticate with Azure when requesting user authorization tokens. To create a client secret for you application:
- Under Manage, select Certificates & secrets
- On the Client secrets tab, click + New client secret
- Enter a description and select an expiration date for your secret
- Click Add
- Copy the secret value
caution
The secret value will never be shown again after you leave this page. Be sure to copy and save it to a safe place like your password manager.
Send IDP info to Superblocks
Once you've configured your Azure AD application, send the following information to support@superblocks.com
Client ID | The Application (client) ID for your Azure AD. You can find this value on your app's Overview screen. |
---|---|
Client Secret | The secret value you copied when you added a client secret. Note: we recommend using a secure transfer mechanism such as `https://onetimesecret.com` or similar to send the secret. |
Azure AD Domain | Your Azure AD domain name. You can find this on your Azure AD directory's overview page in the Microsoft Azure portal. |
Other domains | The list of domain and domain aliases your employees should be able to use when logging into Superblocks. |