This document explains how to configure OAuth 2.0 SSO between Azure AD and DocStudio, including app registration, redirect URI, client ID/secret, and tenant ID.
Single Sign-On (SSO) is an authentication method that enables users to securely log in to various applications, platforms, or websites using a single set of credentials. SSO functions based on a trust relationship between a service provider application and an identity provider (IdP) such as Google, Okta, OneLogin, or Microsoft AD FS. This trust is typically established through a certificate exchanged between the IdP and the service provider:
Benefits of using SSO:
Users sign in with existing credentials. They type passwords less often.
Your IdP stays the source of truth for authentication.
You do not need to sync passwords with the IdP.
In DocStudio, you can configure Single Sign-On to allow employees to access DocStudio through their Identity Provider (IdP), removing the need for passwords during the login process, ensuring secure and quick access.
DocStudio's single sign-on system can be configured using OAuth 2.0.
In the 'Integrraions' tab, you can add your SSO providers to set up SSO authentication for corporate users. To 'Create an SSO provider', click on the corresponding button and complete the fields in the modal window:
You can choose the type of metadata (URL or XML). After filling out the details, click the button.
The providers added this way can be edited or deleted (although deletion requires confirmation)
Configuring on the Azure Side
To proceed, register the application in the Azure Active Directory (Azure AD) with a corporate identity management administrator account.
Then navigate to the menu and go to:
Microsoft Entra ID → All applications → New application
During registration, set:
Name
Supported account types
Redirect URI
For the redirect URI, use the value shown in DocStudio when you configure the SSO provider.
Next, create a client secret in Azure.
Copy the secret Value and paste it into the DocStudio SSO settings field Client Secret.
You can find the remaining values in the application's overview.
Client ID
After you click the Azure button in DocStudio SSO settings, the required URLs are added automatically.
These URLs contain placeholders like /{tenant} and /common. Replace them with your Azure Directory (tenant) ID.
The SSO provider is created successfully.
You can verify the setup using the link shown in the settings.
Next, enable SSO in the domain settings.
Don’t forget to enable access for your users on the Azure side.
button.
or deleted 
(although deletion requires confirmation)
