Skip to main content

Single Sign-On (SSO) Setup

This page guides you through setting up Single Sign-On (SSO) for your organization. SSO allows your users to sign in to the application using their existing credentials from your identity provider (IdP), such as Microsoft Azure AD or Okta. This provides a more seamless and secure login experience.

Overview

The SSO setup process involves the following steps:

  1. Initial Setup: Sign up with your email and password, then access the SSO configuration option.
  2. Configuration: Provide your organization details and configure the connection to your chosen identity provider.
  3. Redirect URI Setup: Copy the provided redirect URI and add it to your identity provider's application settings.
  4. Activation: Once configured, SSO is active and users can sign in using their identity provider credentials.

Step 1: Initial Account Setup

Sign Up with Email and Password

  1. Navigate to the sign-up page and create an account using your work email address and a password.
  2. Complete the registration process and verify your email if required.

Access the SSO Configuration Option

  1. Go to the login page after signing up.
  2. Enter your email address in the email field.
  3. You will see a "Configure SSO" option appear. Click on it to begin the SSO setup process.

Step 2: Configure SSO Settings

Fill in the SSO Configuration Form

Once you click "Configure SSO", you'll see a form where you need to provide the following information:

Organization Name

Enter your organization's name. This will be used for identification purposes.

Select an Identity Provider

Choose your identity provider from the available options:

  • Microsoft Azure AD: If your organization uses Microsoft Azure Active Directory.
  • Okta: If your organization uses Okta.

Provide Identity Provider Credentials

Depending on your selected provider, you'll need to provide specific credentials or configuration details:

For Microsoft Azure AD:

  • Client ID: The application ID registered in your Azure AD.
  • Client Secret: A secret key for authenticating with Azure AD.
  • Tenant ID: The ID of your Azure AD tenant.

For Okta:

  • Client ID: The application ID registered in your Okta application.
  • Client Secret: A secret key for authenticating with Okta.
  • Okta Domain: Your Okta domain URL (e.g., your-company.okta.com).

Important: SSO cannot be configured for public email domains (e.g., Gmail, Outlook, Yahoo). You must use your organization's domain.

Submit the Configuration

Once you've filled in all the required information, click the "Set up SSO" button. The system will save your configuration and generate a redirect URI.

Step 3: Add Redirect URI to Your Identity Provider

Copy the Redirect URI

After submitting the configuration, you'll receive a redirect URI. This URI is essential for the SSO flow to function correctly. Copy this URL.

Add the Redirect URI to Your Identity Provider's Settings

Follow the instructions specific to your identity provider to add the redirect URI:

For Microsoft Azure AD:

  1. Navigate to Azure PortalApp registrationsYour appAuthentication
  2. Under "Redirect URIs", click "Add URI"
  3. Paste the redirect URI provided by the platform
  4. Save the changes

For Okta:

  1. Navigate to Okta Admin ConsoleApplicationsYour appGeneral
  2. Click "Edit"
  3. Under "Sign-in redirect URIs", add the redirect URI provided by the platform
  4. Save the changes

Verify and Activate SSO

Once you've added the redirect URI to your identity provider's settings, return to the platform and click the "Verify & Activate" button. The system will verify the connection with your identity provider. If successful, SSO will be activated for your domain.

Step 4: Using SSO to Sign In

SSO is Now Active

After successful verification, SSO is now active for your domain. Users with email addresses matching your organization's domain can now sign in using SSO.

Sign In with SSO

  1. Go to the login page
  2. Enter your email address
  3. The system will detect that SSO is configured for your domain and provide SSO sign-in options
  4. Click on the SSO option to be redirected to your identity provider's login page
  5. Sign in with your identity provider credentials
  6. You'll be redirected back to the platform and signed in automatically

Next Steps

  • Inform your team: Share the new SSO sign-in option with your team members.
  • Test the flow: Encourage users to test the SSO login with their organization accounts.
  • Onboard new users: New team members can now sign in directly using their organization credentials via SSO.

Troubleshooting

  • Incorrect Credentials: Double-check that you've entered the correct Client ID, Client Secret, Tenant ID (if applicable), and Okta Domain (if applicable).
  • Missing Redirect URI: Ensure that you've added the correct redirect URI to your identity provider's settings.
  • Public Email Domain: SSO can only be set up using your organization's domain. Public domains like gmail.com, outlook.com and yahoo.com are not allowed.

If you encounter any issues during the SSO setup process, please contact support for assistance.

Curie Footer Logo
Subscribe to our Newsletter
Product
Features
Security
Curie vs Copilots
Use Cases
Platform Migration
Build Integrations
Maintain Integrations
Company
About
Careers
Trust Center
X
X Icon
Contact
Contact Icon
LinkedIn
LinkedIn Icon
© Curie — All rights reserved.
TermsPrivacy
Cookies