# How to set up SSO OAuth 2.0 with Azure
Single Sign-On (SSO) is an authentication method that enables users to securely log in to various applications, platforms, or websites using a single set of credentials. SSO functions based on a trust relationship between a service provider application and an identity provider (IdP) such as Google, Okta, OneLogin, or Microsoft AD FS. This trust is typically established through a certificate exchanged between the IdP and the service provider:
Benefits of using SSO:
* Users sign in with existing credentials. They type passwords less often.
* Your IdP stays the source of truth for authentication.
* You do not need to sync passwords with the IdP.
In DocStudio, you can configure Single Sign-On to allow employees to access DocStudio through their Identity Provider (IdP), removing the need for passwords during the login process, ensuring secure and quick access.
DocStudio's single sign-on system can be configured using OAuth 2.0.
{% columns %}
{% column %}
In the **'Integrraions'** tab, you can add your SSO providers to set up SSO authentication for corporate users. To **'Create an SSO provider'**, click on the corresponding button and complete the fields in the modal window:
{% endcolumn %}
{% column %}
{% endcolumn %}
{% endcolumns %}
You can choose the type of metadata (URL or XML). After filling out the details, click the button.
The providers added this way can be edited  or deleted  (although deletion requires confirmation)
### Configuring on the Azure Side
To proceed, register the application in the **Azure Active Directory (Azure AD)** with a corporate identity management administrator account.
Then navigate to the menu and go to:
**Microsoft Entra ID** → **All applications** → **New application**
During registration, set:
* Name
* Supported account types
* Redirect URI
{% columns %}
{% column %}
For the redirect URI, use the value shown in DocStudio when you configure the SSO provider.
{% endcolumn %}
{% column %}
{% endcolumn %}
{% endcolumns %}
Next, create a client secret in Azure.
Copy the secret **Value** and paste it into the DocStudio SSO settings field **Client Secret**.
You can find the remaining values in the application's overview.
* Client ID
After you click the **Azure** button in DocStudio SSO settings, the required URLs are added automatically.
These URLs contain placeholders like `/{tenant}` and `/common`. Replace them with your Azure **Directory (tenant) ID**.
The SSO provider is created successfully.
{% columns %}
{% column %}
You can verify the setup using the link shown in the settings.
{% endcolumn %}
{% column %}
{% endcolumn %}
{% endcolumns %}
Next, enable SSO in the domain settings.
{% hint style="info" %}
Don’t forget to enable access for your users on the Azure side.
{% endhint %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://support.docstudio.com/admin-panel/account-settings/how-to-set-up-sso-oauth-2.0-with-azure.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.