Azure AD (OIDC) Setup
Step-by-step guide to configure Single Sign-On with Microsoft Entra ID (Azure AD) using OpenID Connect.
Prerequisites
- Azure AD tenant with admin access
- SecureCodingHub org admin account
- Organization domain verified in SecureCodingHub
Step 1 — Register an Application in Azure AD
Go to Azure Portal → Microsoft Entra ID → App registrations → New registration
Name: SecureCodingHub SSO
Supported account types: Accounts in this organizational directory only
Redirect URI: Web → https://api.securecodinghub.com/api/sch/auth/sso/callback/oidc
Click Register
Step 2 — Create a Client Secret
Go to Certificates & secrets → New client secret
Description: SecureCodingHub
Expiry: Choose your policy (recommended: 24 months)
Copy the secret value immediately — it is shown only once
Step 3 — Note Your IDs
Collect the following values from your Azure AD application. You will need them in the next step.
| Setting | Where to Find |
|---|---|
| Application (Client) ID | Overview page |
| Directory (Tenant) ID | Overview page |
| Client Secret | Certificates & secrets |
| Discovery URL | https://login.microsoftonline.com/{tenant-id}/v2.0/.well-known/openid-configuration |
Step 4 — Configure SSO in SecureCodingHub
Log in as Org Admin → SSO Settings
Protocol: OIDC
Entity ID / Client ID: paste your Application ID
Discovery / Metadata URL: paste your OpenID configuration URL
Client Secret: paste the secret
Enable SSO
Click Save
Step 5 — Test
Open an incognito/private browser window
Go to SecureCodingHub login
Enter an email address with your organization's domain
You should be redirected to Microsoft login
After authentication, you should be logged into SecureCodingHub