Single Sign-On (SSO) Setup Guide
Make it simple for everyone in your organization to sign in to AppNavi using the same corporate credentials you already use every day. Follow these steps to turn on SSO, enter a few settings, and you’re done.
-
Before you begin, confirm that:Prerequisites- You have Tenant Admin access in AppNavi.
- Your AppNavi tenant is active.
- You’ve registered an application in your identity provider (Azure AD or Okta) and collected:
- Client ID
- Client Secret
- Metadata (Discovery) URL
- Redirect URI (we’ll provide this in Step 3)
- Scopes: usually openid profile email
-
Turn On SSO
- Sign in to the AppNavi portal with your Tenant Admin account.
- In the left menu, click Manage Tenant.
- On the Settings tab (the first tab), scroll to the Authentication section.
- Flip the Enable SSO switch to On.
- As soon as you enable SSO, a new OAUTH tab appears next to Settings.
-
What You’ll Need
- Tenant Owner account in AppNavi (this is the admin user)
- An active tenant in AppNavi
- A prepared app in your identity service (Azure AD or Okta) that gives you:
- Client ID (a long code)
- Client Secret (a secret code)
- Metadata URL (a web address where AppNavi checks settings)
- Scopes (just type openid profile email)
-
Configure Your Identity Provider
Field Value Callback (Redirect) URI https:///ed707f9c/signin-oidc
(replace with your actual domain)Authorization URI https:///oauth2/v1/authorize Token URI https:///oauth2/v1/token Userinfo URI https:///oauth2/v1/userinfo Issuer https:///oauth2/default Client ID your-client-id Client Secret your-client-secret Scopes openid email Token Endpoint Method GET
Note: Some IdPs call “Redirect URI” or “Reply URL” what AppNavi labels Callback URI.
Updated 19 days ago