Skip to main content

Overview

Single Sign-On (SSO) allows your team to access Minoa using your organization’s existing identity provider, eliminating the need for separate passwords. Once configured, users sign in through your identity provider instead of managing separate Minoa credentials.

Benefits

  • Enhanced Security: Centralized authentication and access control
  • Simplified Access: One set of credentials for all your tools
  • Faster Onboarding: New team members get instant access
  • Compliance: Meet security and regulatory requirements

Out-of-the-Box Providers

Minoa provides built-in SSO support for these identity providers:
  • Microsoft (Azure AD / Microsoft Entra ID)
  • Google (Google Workspace)
These providers can be configured directly in your Minoa settings without additional setup.
Contact our support team to enable SSO for your organization.

Custom Identity Providers

For organizations using other identity providers, Minoa supports custom SSO configuration using:
  • OpenID Connect (OIDC) — Recommended
  • SAML 2.0
Custom SSO configuration requires assistance from our support team. We recommend using OIDC over SAML for easier setup and better compatibility.

Setting Up Custom OIDC

To configure a custom OIDC identity provider (such as Okta, Auth0, or other OIDC-compliant providers), you’ll need to create an OIDC Web App in your identity provider and share the following details with our support team: Required Information:
  • Client ID: The OAuth client identifier
  • Client Secret: The OAuth client secret
  • Issuer URL: The OpenID Connect issuer URL (e.g., https://your-org.okta.com/oauth2/default)
  • Scopes: The OAuth scopes to request (we recommend at least: openid, email, profile)
After you provide this information, our support team will configure SSO for your organization. The setup typically takes 1-2 business days.

Setting Up Custom SAML

For SAML-based identity providers, contact our support team with your SAML configuration details. We’ll guide you through the setup process.

User Provisioning

Read more about how to automatically provision and deprovision users using SCIM. SCIM ensures your Minoa user list stays in sync with your identity provider.

Troubleshooting

Check these items:
  1. Verify SSO is enabled for your organization
  2. Confirm users are assigned to the Minoa application in your identity provider
  3. Check that the redirect URL is correctly configured
  4. Verify the user’s email address matches between your identity provider and Minoa
Troubleshooting steps:
  1. Verify the SSO configuration details (Client ID, Issuer URL, etc.) are correct
  2. Check that the redirect URI in your identity provider matches Minoa’s expected URL
  3. Ensure the required scopes are configured
  4. Contact support if the issue persists
Solution:Use SCIM to automatically assign roles when users are provisioned. SCIM allows you to map identity provider groups to Minoa roles.