Single Sign-On (SSO)

Allow your staff and members to log into Cobot using various identity providers.

Written by Amanda
Updated over a week ago

Cobot supports single sign-on (SSO). This means members and admins can log in using various identity providers instead of having to set up a password for Cobot. This can be set up via identity providers that support either OpenID Connect or OAuth2.

OpenID Connect is supported by some big tech companies, so your members can log in with their existing accounts. In addition, dedicated identity providers let you set up your own user management.

  • Google

  • Microsoft Azure Active Directory

  • Sign in with Apple

  • Auth0 / Okta (these also support social logins: Google, Facebook, LinkedIn, Twitter, GitHub, etc.)

OAuth2 requires more technical knowledge but is supported by more services and open-source projects.

  • WordPress OAuth / WP OAuth Server

  • Slack

  • Facebook

  • LinkedIn

To set up SSO, click Setup » Single Sign-on » Add Provider, and follow the guides. After adding a provider, you will be given a single sign-on link to place on your website.

Optionally, links can be added to the login and signup forms on Cobot. Members who follow the link will be able to sign up and log in to your space on Cobot using that provider. The provider must support the OAuth2 or OpenID Connect protocol, which is used to authenticate members.

Here are the configuration steps for a few popular providers:


Slack

Unfortunately, Slack's OAuth2 implementation deviates from the standard, requiring a bit of extra setup.

To set up Cobot Single Sign-on (SSO) with Slack:

  • Create an app on Slack with the identity.basic and identity.email scopes.

  • Create a login provider configuration on Cobot under Setup -> Single Sign-on -> Add OAuth 2 Provider

  • and fill out the form as below:

[Image: Slack configuration]

Google

Google uses OpenID Connect, which makes the setup very easy.

  • Create an app on Google

  • Create a login provider configuration on Cobot under Setup -> Single Sign-on -> Add OpenID Connect Provider

  • and fill out the form as below (add the Client ID/secret from Google):

[Image: Google configuration]

More information about using Google for OpenID Connect can be found here.


Microsoft Azure Active Directory B2C

Microsoft implements only part of OpenID Connect, so the setup is not as easy as it should be. When setting up SSO, select OAuth 2 and not OpenID Connect.

Fill out the form as below, replacing <TENANT_ID> with your tenant ID from Microsoft.

Authentication URL

https://<TENANT_ID>.b2clogin.com/<TENANT_ID>.onmicrosoft.com/B2C_1A_PortaleStdFtc_SI/oauth2/v2.0/authorize

Access Token Endpoint URL

https://<TENANT_ID>.b2clogin.com/<TENANT_ID>.onmicrosoft.com/B2C_1A_PortaleStdFtc_SI/oauth2/v2.0/token

Access Token Scope

openid

User Endpoint URL

User Email JSON Pointer

/email

Access Token JSON Pointer

/id_token

For more information, click here.
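What the two JSON Pointer fields above select, as an added example (not Cobot's code): a minimal RFC 6901 resolver applied to a constructed token response and to the claims inside its ID token. The function names, the sample data, and the assumption that the email is read from the ID token's claims are illustrative and not taken from Cobot.

```python
import base64
import json

def resolve_pointer(doc, pointer):
    """Resolve an RFC 6901 JSON Pointer (e.g. '/id_token') against parsed JSON."""
    if pointer == "":
        return doc
    if not pointer.startswith("/"):
        raise ValueError("JSON Pointer must be empty or start with '/'")
    for raw in pointer[1:].split("/"):
        key = raw.replace("~1", "/").replace("~0", "~")  # unescape; order matters
        if isinstance(doc, list):
            if not (key.isascii() and key.isdigit()) or (len(key) > 1 and key[0] == "0"):
                raise KeyError(f"invalid array index {key!r}")
            doc = doc[int(key)]
        elif isinstance(doc, dict):
            doc = doc[key]  # KeyError when the member is missing
        else:
            raise KeyError(f"cannot descend into a scalar at {key!r}")
    return doc

def jwt_claims_unverified(jwt):
    """Decode a JWT payload WITHOUT verifying it; for inspection only.
    A relying party must check signature, iss, aud and exp before trusting claims."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def _b64url(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample data (not a real token; the signature part is a dummy string).
SAMPLE_ID_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT"}),
    _b64url({"sub": "constructed-subject", "email": "member@example.com"}),
    "constructed-signature",
])
SAMPLE_TOKEN_RESPONSE = {"token_type": "Bearer", "expires_in": 3600,
                         "id_token": SAMPLE_ID_TOKEN}

def extract_email(token_response, token_pointer="/id_token", email_pointer="/email"):
    """Assumed flow: pick the token with one pointer, the email claim with the other."""
    token = resolve_pointer(token_response, token_pointer)
    return resolve_pointer(jwt_claims_unverified(token), email_pointer)

if __name__ == "__main__":
    print(extract_email(SAMPLE_TOKEN_RESPONSE))
```

If a pointer names a member the provider does not return, resolution raises `KeyError`, which is the first thing to check when a login fails after configuration.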
