Single sign-on (SSO)
  • 10 Jul 2024
  • 1 Minute zum Lesen
  • Mitwirkende
  • pdf

Single sign-on (SSO)

  • pdf


Microsoft Entra ID

  1. Communicate your tenant ID to
  2. We will configure your tenant in Campos accordingly and communicate back the admin consent link, in the form of:{your tenant ID}/adminconsent?client_id={Campos client ID}
    For more information, see
  3. After granting tenant-wide admin consent (permissions profile and User.Read and claims email, given_name und family_name are requested), the SSO configuration is finished.

OpenID Connect

Contact to schedule a short Microsoft Teams meeting to setup SSO.
The following claims are required:

  • sub
  • email
  • given_name
  • family_name

It is recommended to use a stable ID for the sub claim that never changes (like a GUID) and avoid unstable attributes like email address (may change on marriage).


  1. Communicate the entityID (authority-URL) to
  2. We will add your identity provider and give you the URL for the SAML metadata XML. It will look like{your auth scheme }
  3. Import the metadata XML
  4. Typical claim rules:
  • User-Principal-Name -> email
  • Given-Name -> given_name
  • Surname -> family_name
  • ObjectGUID -> Name ID

What's Next