Skip to main content

Custom SSO Route

Introduction

A custom route for Single Sign-On (SSO) allows you to create a unique URL for users to log in using SSO.
This feature is useful for organizations that want to customize the login experience for their users.
It will also make the login experience more intuitive and user-friendly as the user do not have to first enter their email address in the Breeze login page before being redirected to the IdP login page.

This guide provides instructions on how to configure a custom SSO route in Breeze.

Prerequisites

Before setting up SSO User Onboarding, ensure that an SSO integration is already set up in Breeze.
For more information on setting up SSO, refer to the Setup Azure AD/ Entra ID.

Configuration

Default Configuration

By default, the SSO route is not customized. Users can log in using the default normal login flow in Breeze.

Configuring a Custom SSO Route

To enable automatic user onboarding, the following steps are required:

  1. Navigate to Tenant Settings: In the Breeze admin portal, go to the Tenant settings page.
  2. Open Security Settings: Select the Security settings tab and click on Edit security settings.
  3. Configure SSO Settings: In the SSO Settings section, click the Change Settings button.
  4. Locate the Custom SSO Route section and click on the Change Settings button.
  5. Enter the desired custom route in the Custom SSO Route field. Must be a single word that will be appended to the SSO route. For example, if the custom route is mycompany, the SSO route will be https://breeze.idportal.no/sso/mycompany.
important

The route value must be a unique single word, URL compatible string that will be appended to the SSO route.
E.g. mycompany, mycompany123, mycompany-123, mycompany_123 are all valid.

We strongly recommend that you use a value that is unique to your organization to avoid conflicts with other tenants.

warning

We preserve the right to change the route if it conflicts with other tenants and you cannot show that you have the right to use the route.

For example using a know trademarked name like microsoft or google without being able to show that you have the right to use it.

After saving the custom route, you should be able to visit https://breeze.idportal.no/sso/{custom-route} to log in using the SSO authentication method.