Microsoft Entra ID setup

Spyglass customers may configure a default Identity Provider to enable Single Sign-On (SSO). This page details how to configure Microsoft Entra ID as your primary Identity Provider.

Supported Features

  • Service Provider (SP)-Initiated Authentication (SSO) Flow - This authentication flow occurs when the user attempts to log in to the application from the Spyglass application.

  • Just-In-Time (JIT) User Provisioning - Users are created in Spyglass on the fly when they authenticate, and don't need to be created in advance.


In order to proceed with configuring login with SSO through Microsoft Entra, you must:

Configuration Steps

The following steps involve first setting up an app in Microsoft Entra ID and then sending the relevant registration information to Spyglass.

1. See the docs for adding an enterprise application.

2. Add the Spyglass Application from the Entra gallery.

3. Find your Application (client) ID and Directory (tenant) ID.

4. Follow the steps to Add a client secret.

5. Email with the subject "SSO Setup" (or send via Slack)

  • Include your Application (client) ID, Client Secret, and Directory (tenant) ID from steps 2, 3, and 4 above.

  • Your account will be set up ASAP.

SP-initiated SSO

  1. Go to the URL provided by your Spyglass administrator, it should look like: "<your-company-id>"

  2. Click the button that says “Sign in with SSO”.

  3. If you are prompted for your Entra username and password, enter them.

  4. If the credentials in 3 above are valid, you will be redirected to Spyglass and will be logged into Spyglass's dashboard.


If you encounter any issues or have any questions, please do not hesitate to reach out to

Last updated