SSO via OAuth 2.0 / OIDC

SSO with any IDP. In general, s.GUARD supports single sign on (SSO) with any identity provider (IDP) which uses the OAuth 2.0 or OIDC standard. To configure a SSO integration for the s.GUARD system,…

Updated
SSO with any IDP

In general, s.GUARD supports single sign on (SSO) with any identity provider (IDP) which uses the OAuth 2.0 or OIDC standard.

To configure a SSO integration for the s.GUARD system, you need to provide the following information to the s.GUARD support team:

  • Authorization URL
  • Token URL
  • Client ID
  • Client secret value

In return, you will receive the redirect URL from s.GUARD support.

SSO with Entra ID

This section describes the required steps to configure SSO via OIDC in Microsoft Entra ID:

  1. Log in to Microsoft Azure portal
  2. Go to "Microsoft Entra ID"
  3. Open "Enterprise Applications"
  4. Click "+ New application", then "+ Create your own application"
    1. Define a name for the application (e.g. "s.GUARD SSO")
    2. Select "Integrate any other application you don't find in the gallery (Non-gallery)"
    3. Confirm with "Create"
  5. Go to "Manage -> Properties" and click on the link "application registration"
  6. Select "Manage -> API permissions" and click "+ Add a permission"
    1. Select "Microsoft Graph" and click on "Delegated permissions"
    2. Check "User.Read" and click "Add permissions"
    3. Click "Grant admin consent....."
  7. Go to "Authentication"
    1. Click "+ Add a platform" and select "Single-page application"
    2. Set redirect URIs to:
      1. https://admin.instasolution.ch/*
      2. https://app.instasolution.ch/*
    3. Click again "+ Add a platform" and select "Mobile and desktop applications"
    4. Set redirect URIs to:
      1. ch.instaguard2.insta://oauth2redirect/identity-provider
      2. idp.instasolution.ch://auth/idp
      3. http://localhost:3456/auth_callback
      4. http://localhost:4200/callbackCloak/*

Silent login for the Windows desktop client

Contact