Skip to main content
SSO lets your team log in to Flowla using their existing Microsoft credentials — no separate passwords, no extra accounts to manage. This guide is a simplified, Flowla-focused walkthrough derived from the official Microsoft guide, which you can refer to for full platform details.

Prerequisites

  • Microsoft Entra user account with one of the following roles: Cloud Application Administrator, Application Administrator, Owner of the service principal
  • Admin access to your Flowla workspace
User emails in Flowla must match user emails in Entra ID; otherwise authentication will fail.
1

Register your application

Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator. Browse to Entra ID → App registrations → New registration.Fill in the following:
  • Name: e.g. “Flowla SSO”
  • Supported account types: select the appropriate option for your organization
  • Platform type: Web
  • Redirect URI: https://app.flowla.com/sso
Click Register.
Entra ID app registration page with Register action highlighted
2

Configure authentication settings

In your app registration, navigate to Authentication. Verify your redirect URIs are correctly configured under the Web platform — this enables the standard Authorization Code flow.
Entra ID Authentication page showing Web platform redirect URI configuration
3

Configure client credentials

Navigate to Certificates & secrets and select New client secret. Add a description, select an expiration period, then click Add.Copy the secret value immediately — it cannot be shown again.
Protect your Client Secret Value by keeping it confidential. Avoid sharing it in public repositories, forums, or unencrypted channels.
Entra ID Certificates and secrets page for creating a new client secret
Entra ID client secret value displayed after creation
4

Configure API permissions

Navigate to API permissions → Add a permission → Microsoft Graph → Delegated permissions. Search for and add:
  • openid — required for OIDC authentication
  • profile — access to the user’s basic profile information
  • email — access to the user’s email address
Click Add permissions.
Entra ID API permissions screen with Microsoft Graph delegated permissions selected
5

Gather application details

From the Overview page, note the following — you’ll need these in the next step:
  • Application (client) ID: your app’s unique identifier
  • Directory (tenant) ID: used to build your Identity Provider URL: https://login.microsoftonline.com/{tenant}/v2.0/
  • Client Secret Value: the value you copied in Step 3
Entra ID overview page showing application and directory IDs
6

Enable SSO in Flowla

In Flowla, go to Settings → Security & Permissions and click Enable SSO. Fill in the form with the values from Entra ID:
Flowla SSO setup form with identity provider URL, client ID, client secret, and email domain fields
1

Enter your Identity Provider URL

Paste https://login.microsoftonline.com/{tenant}/v2.0/ (replace {tenant} with your Directory tenant ID)
2

Enter your Client ID

Paste the Application (client) ID
3

Enter your Client Secret

Paste the Client Secret Value (not the secret ID)
4

Set your email domain

Enter the email domain your organization uses (e.g. yourcompany.com). Users with this domain will be required to sign in via SSO.
5

Save and test

Click Save to activate SSO. Open a new browser session and verify you can sign in via Entra ID.

For more information, visit Microsoft Entra ID OIDC setup (non-gallery application)

Official guide for configuring OIDC SSO for a custom non-gallery application.