<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1078784549954977&amp;ev=PageView&amp;noscript=1">
Skip to content
  • There are no suggestions because the search field is empty.

Microsoft SSO

Microsoft Entra ID – App Registration Guide for UnDesked

Step 1: Login to Microsoft Entra Portal

  1. Go to: https://entra.microsoft.com

  2. Login with your Microsoft admin account.

Step 2: Register a New Application

  1. Click "App registrations" from the left menu.

  2. Click "+ New registration".

  3. Enter an application name (example: UnDesked OIDC Integration).

  4. Keep the default settings (Single tenant recommended).

  5. Click "Register".

Image1Image2

Step 3: Copy Client ID and Tenant ID

  1. Open the "Overview" tab of the newly created app.

  2. Copy the following values:

    • Application (Client) ID

    • Directory (Tenant) ID

You will need these values in UnDesked.

Image3

Step 4: Create Client Secret

  1. Go to "Certificates & secrets".

  2. Click "+ New client secret".

  3. Add description (example: UnDesked Secret).

  4. Choose expiration period as per your security policy.

  5. Click "Add".

  6. Copy the Secret VALUE immediately and save it securely.

IMPORTANT: The secret value will not be visible again after you leave the page.

Image4

Image5

Step 5: Configure Redirect URLs

  1. Go to "Authentication (Preview)".

  2. Click "+ Add a platform".

  3. Select "Web".

  4. Add the following Redirect URIs:

https://app.undesked.com/api/backend/login-oidc-callback https://app.undesked.com/api/backend/authenticate-oidc

      5. Click "Save".

Image6

Step 6: Configure in UnDesked

Open the UnDesked Integration Configuration dialog and enter:

Client ID: (Application ID from Overview)
Tenant ID: (Directory ID from Overview)
Client Secret: (Secret value created earlier)

Click "Test Integration".

If everything is configured correctly, the integration will succeed.

Image7

Notes:

  • If the secret expires, generate a new one and update it in UnDesked.

  • Make sure the redirect URLs are entered exactly as shown (including https).

Step 7: Login via SSO

Any person, who logins via SSO, won’t be able to login with UnDesked password once they logins via SSO

You can provide “SSO Identifier” or SSO URL to users so they can login with UnDesked. Permissions here will be applied to any user that logins via SSO but isn’t part of UnDesked yet. For users, that already exists in UnDesked, their existing permissions will remain intact. This will make any/all EntraID users to be able to login via SSO into UnDesked.

If you want to restrict SSO login to only certain group of people in Entra ID, you can do so by applying restrictions within EntraID