Skip to main content
Skip table of contents

Single Sign-On with Microsoft Entra ID (previously known as Azure Active Directory)


Integration of qibb with Active Directory can be achieved through OpenID Connect, SAML, or LDAP. However, we recommend choosing OpenID Connect due to its modern approach, which is generally easier to set up and complies with the highest security standards. Below is the process described for connecting qibb with Azure Active Directory using OpenID Connect.




Request the qibb IdP URL

  • To get started, you will need the qibb IdP URL, which will be used by redirects between qibb’s Sign in Page and your Identity Provider. You can reach out to our Support Team to retrieve the qibb IdP URL.


Setup an App in Microsoft Entra ID

  • You will need to register an app in Azure Entra ID with type “Web Application” and using the qibb IdP URL. Follow the official guide of Microsoft.

  • You can restrict access to qibb for a specific set of users by following this guide.

  • Create a new Client Secret and note down the secret value. This needs to be shared with our Support Team in next step.


Provide the App Information to Support Team

  • Provide the Application ID, Tenant ID and Client Secret Value of the newly registered app to our Support Team, which will use this data to complete the setup.


Defining group mapping in alignment with Support Team

  • Group mapping enables you to determine the specific Qibb permissions that a group of users should receive automatically (such as an assignment to a qibb group), depending on their membership in an Active Directory group.

  • You will need to configure group attributes in Microsoft Entra for the registered application by following this guide.

  • Provide a list of the SID (Security Identifier) for each Active Directory group, which shall be mapped to a desired group in qibb, to our Support Team. A set of default groups and patterns are available

  • Once the group mapping is set up using the SID, members of that specific group will be automatically assigned to the corresponding Qibb group after each login.

  • If you wish to change or extend the group mapping in future, contact our Support Team with the request to update the configuration.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.