Single Sign On (SSO)

If you would like SSO enabled for your organization's service desk, please contact TicketLog support.

Single Sign On with TicketLog is only available:

• With TicketLog Pro

• For service desks with a custom domain

• For Microsoft Entra ID as your identity provider (Idp)

Setup SSO with Entra ID

To setup SSO on your Entra ID tenant, follow these steps:

1. Add a new App Registration to Entra

   • Name it "TicketLog SSO"

   • Single tenant

   • Redirect URI (Web): https://ticketappb2c.b2clogin.com/ticketappb2c.onmicrosoft.com/oauth2/authresp

   • Record the Application (client) ID

2. Create a Secret

   • Select Certificates & secrets, and then select New client secret.

   • Enter a Description for the secret, select an expiration, and then select Add.

   • Record the Value of the secret

3. Assign users

   • Either add users and groups to the application who you want to have access to TicketLog, or set 'Assignment Required' to No.

   • Note, this does not automatically create TicketLog accounts. Each account is created at the time of first sign in to TicketLog.

4. Set branding & properties (optional)

   • Set a logo and homepage for the application. This can be used in your Enterprise My Apps page (additional configuration is required).

5. Add token claims

   • Select Token configuration.

   • Select Add optional claim.

   • For the Token type, select ID.

   • Select the optional claims to add: email ,family_name and given_name.

   • Select Add.

   • If Turn on the Microsoft Graph profile permission (required for claims to appear in token) appears, enable it, and then select Add again.

6. Pass details to TicketLog

   • Pass the following details to TicketLog:

     • Application (client) ID from above

     • Secret Value from above

     • Tenant primary domain

       • This is not the name of the tenant.

       • In Azure portal or Entra Admin portal, primary domain appears here:

         
       • If you don't have a primary domain, we can also accept your *.onmicrosoft.com domain or your Tenant ID. However, a custom domain name is better as it provides a hint to the login process to improve the sign-up and sign-in process.

Please note:

• When adding users to Entra, ensure you also set the Email property. Doing so will simplify the user's signup experience.

• When users first sign in to TicketLog using SSO, they will be faced with a signup screen. They need to confirm their email address by sending a verification code.

• Please instruct users to follow the on-screen instructions, and ask they do NOT alter the email address.