Nolt officially supports single sign-on (SSO) via Microsoft Entra ID (Azure AD) through our OpenID Connect (OIDC) and SAML 2.0 integrations. You can use either protocol with Entra ID.
If you prefer to use OpenID Connect (OIDC) to integrate Microsoft Entra ID with Nolt, follow the steps below:
Sign-in to your Azure account and navigate to Microsoft Entra ID → Add → App Registration:
Enter a name for the application, select Web as the platform, and https://YOUR_BOARD.nolt.io/sso/openIdConnect (replace YOUR_BOARD with your board subdomain) as the Redirect URI:
Copy the Application (client) ID of the application (we'll need this later in part 2):
Next, we need to setup the client secret. Look for client credentials in the Essentials section of the Overview tab:
Click New client secret, and copy the secret value (we'll need this later in part 2):
Navigate to Endpoints in the top bar of the Overview tab and copy OAuth 2.0 authorization endpoint (v2) and OAuth 2.0 token endpoint (v2) (we'll need these later in part 2):
Navigate to your board settings → Integrations → OpenID Connect and configure the following settings:
https://login.microsoftonline.com/DIRECTORY_ID/v2.0
Note: Replace DIRECTORY_ID with the Directory (tenant) ID from the overview tab of your application (part 1).
?client_id=<CLIENT_ID>&redirect_uri=https://<YOUR_BOARD>.nolt.io/sso/openIdConnect&response_type=code&scope=openid%20profile%20email
Note: Make sure to replace CLIENT_ID and YOUR_BOARD before using the above remote login URL.
The remote login URL should look similar to:https://login.microsoftonline.com/abcdefgh-abcd/oauth2/v2.0/authorize?client_id=dummy-dummy-dummy&redirect_uri=https://test.nolt.io/sso/openIdConnect&response_type=code&scope=openid%20profile%20email
department
empId
{"Department":"department","EmployeeID":"empId"}
If you prefer to use SAML 2.0 to integrate Microsoft Entra ID with Nolt, follow the steps below:
Sign in to your Azure account. Navigate to Microsoft Entra ID → Add → Enterprise Application.
Click on Create your own application. Enter a name for the application, select Integrate any other..., and then click Create.
Navigate to Single sign-on tab and select SAML as the single sign-on method.
Setup SAML by filling the first two sections as instructed below...
Basic SAML Configuration
Configure the required fields as follows:
https://YOUR_BOARD.nolt.io
https://YOUR_BOARD.nolt.io/sso/saml
Save the configuration:
Attributes & Claims
It it mandatory to include id, name and email:
If you want to include custom attributes or set the user role (ADMIN, MODERATOR, or MEMBER) for the Nolt board, navigate to Add new claim:
noltUserRole
This is the claim/attribute name to use for specifying the Nolt role. Note that the role can be one of MEMBER, MODERATOR, or ADMIN (case-sensitive).
Custom attributes
You can use any name and source attribute for custom attributes. However, you will need to specify the custom attribute structure in Nolt (see part 2).
X.509 Certificate
Open the App Federation Metadata Url available in SAML Certificates section. Copy the X509 certificate from the xml file.
Convert the certificate to the below format and copy it (by adding the prefix "-----BEGIN CERTIFICATE-----" and suffix "-----END CERTIFICATE-----"):
-----BEGIN CERTIFICATE----- <Copied Certificate> -----END CERTIFICATE-----
Identity Provider Data
Copy Login URL and Microsoft Entra ID Identifier settings from Set up [application name] section.
Navigate to your board settings → Integrations → SAML 2.0 and configure the following settings:
IDP entity ID (Issuer URL):
Paste the Microsoft Entra ID Identifier that you copied earlier (part 1).
https://YOUR_BOARD.nolt.io
https://YOUR_BOARD.nolt.io/sso/azure/saml?loginUrl=LOGIN_URL
Custom attributes (optional)
If you are including any custom attributes, you need to set this field to tell Nolt which custom attributes to expect and where to find them. For example, if you have custom attribute setup in Azure as follows:
Then the user custom attribute structure should be set as follows:
{"Department":"department"}
Please feel free to reach out at hello@nolt.io for help with setting up SSO.
Setting up SSO with OpenID Connect (OIDC)
Setup OpenID Connect via your IdP to provide single-sign-on.
Setting up SSO with SAML 2.0
Setup SAML via your IdP to provide single-sign-on.
Setting up SSO with Auth0
Setup single-sign-on (SSO) via Auth0.
Setting up SSO with Okta
Setup single-sign-on (SSO) via Okta.
Setting up SSO with OneLogin
Setup single-sign-on (SSO) via OneLogin.