# Azure AD SSO OAuth 2.0

### 1. Go to Sign In & Sign Up -> Authentication

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2F35PQJlpS6zxyBX3KX3yq%2Fimage.png?alt=media&#x26;token=f9febb7e-155a-4a2c-91b8-41e3f5b18827" alt=""><figcaption></figcaption></figure>

### 2. Create a new External SSO

Specify **Name** and **New members team** for newly created **External SSO**

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2FDAQuETzw0IAuNASoQyTK%2Fimage.png?alt=media&#x26;token=b99966a2-8525-458e-aed6-771f3d3c718a" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2F9pOkRQWBdkVHoF1dc5Ez%2Fimage.png?alt=media&#x26;token=52796cbb-c09f-4d04-bfcd-a2614eab7aee" alt=""><figcaption></figcaption></figure>

### 3. Go to Azure Active Directory -> App registrations and create new new Application

In **Redirect URI (optional)** section fill the following fields

* Platform: Web
* URL: copy **REDIRECT URL** from **Jet Admin -> External SSO** -> **Application parameters** sectio&#x6E;**.**

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2Fr6xPWfv8WFxpGfQ7hcw8%2Fimage.png?alt=media&#x26;token=800d6a2e-4bf8-40d4-a9a1-f0ffe71ea52e" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2FubMFZvAXrHUsBVxz1hYs%2Fimage.png?alt=media&#x26;token=e3b8bc63-3f06-4d9d-bd56-ab7a5b0ba6e7" alt=""><figcaption></figcaption></figure>

### 4. Copy credentials to Jet Admin

* Copy **Application (client) ID** and **Directory (tenant) ID** from **App Registration** page in **Azure portal** to Jet Admin **External SSO**
* Then open **Certificates & secrets** page, create new **Client secret** and copy it's **Value** to Jet Admin **Client Secret**
* You should also set **Scope** to **openid,profile,email,offline\_access**.

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2Fv8eQHQCSN2MPep7dArw0%2Fimage.png?alt=media&#x26;token=8f3a246d-a7c4-45f5-9ba1-2eb886882646" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2FNOEVBBTW4fnVzCbdMYB7%2Fimage.png?alt=media&#x26;token=9740aed2-9b7c-4ec4-9b18-2f2dca3979c2" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3448227606-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LQ08RFAKZvFADEiXKFy%2Fuploads%2F7KinleGj0gzcRwhQc6T8%2Fimage.png?alt=media&#x26;token=1b7fce2c-8733-43a3-ba30-327fc3324125" alt=""><figcaption></figcaption></figure>

### 5. You are all set

**SSO** button should appear automatically on the login and register pages when visiting **Jet Admin** from your **custom domain**.