Skip to main content
All CollectionsIntegrations
How to Set Up and Use Single Sign-On (SSO) with Confetti
How to Set Up and Use Single Sign-On (SSO) with Confetti

Set up secure and seamless login for your workspace with Confetti’s support for Single Sign-On (SSO) via OIDC.

Daniel Ohlsson 🇸🇪 🇬🇧 avatar
Written by Daniel Ohlsson 🇸🇪 🇬🇧
Updated this week

Confetti supports Single Sign-On (SSO) via any OpenID Connect (OIDC)-compatible identity provider. This guide walks you through the setup process, using Microsoft Entra ID as an example, but the steps will be similar for any other OIDC provider (e.g. Okta, Auth0, Google Identity, etc.).

💡 Tip: Not using Entra ID? No problem! Just adapt the identity provider-specific steps (like app registration) to your provider of choice.

🔧 Step 1: Add an Identity Provider in Confetti

In your Confetti workspace, go to 'Settings' -> 'Auth'.

Under the OpenID Connect section, click 'Add Identity Provider'.

Confetti will ask for three fields:

  • Issuer URL

  • Client ID

  • Client Secret

You'll get these values from your identity provider in the next steps.

🔐 Step 2: Register Your App with the Identity Provider

identitetsleverantören

🛠️ Example: Microsoft Entra ID
If you're using another provider, follow their instructions for creating an OIDC app and getting the required credentials.

Go to Microsoft Entra portal.

Navigate to 'Identity' -> 'Applications' -> 'App registrations'.

Click '+ New registration'.

Fill out the form:

  • Name: e.g. “Confetti SSO”

  • Supported account types: Choose Single tenant

  • Redirect URI: Choose Web, and enter:
    https://app.confetti.events/sso/callback

Click 'Register'.

📎 Step 3: Retrieve OIDC Metadata

In your provider’s settings, locate the OpenID Connect metadata document (usually a .well-known/openid-configuration URL).

Open it in your browser.

Copy the value of "issuer" — this is the Issuer URL you’ll use in Confetti.

🆔 Step 4: Get Client ID and Secret

From your provider’s app dashboard:

  • Copy the Client ID.

  • Create a Client Secret (usually under “Certificates & secrets” or similar), then copy it.

Paste both into Confetti’s Auth settings along with your Issuer URL, and click Save. You may need to confirm your Confetti password to apply the changes.

🔒 Optional: Enforce SSO for Your Workspace

In Confetti’s settings, you can choose to 'Require SSO'.

If enabled:
All users in your workspace must use the configured SSO method to log in.

If disabled:
Users can optionally connect their accounts to the SSO provider from their personal settings.

👤 Step 5: How Users Connect to SSO

  • Open 'Settings' for the user.

  • Scroll to Single Sign-On.

  • Click 'Activate' next to your configured provider.

  • You'll be redirected to the provider to log in and accept permissions.

  • After returning to Confetti, confirm your password to complete the setup.

🚪 Step 6: Logging In via SSO

Once SSO is active:

  • On the Confetti login page, choose 'Login with Single Sign-On'.

  • Enter your email address.

  • You'll be redirected to your identity provider to authenticate.

  • After authentication, you'll return to Confetti.

  • If your workspace has Multi-Factor Authentication (MFA) enabled, you'll also be prompted for your MFA code.

🔁 Secure Access Moving Forward

After connecting SSO:

You'll use your identity provider to log in.

For sensitive actions in Confetti (like changing user settings), you'll be asked to:

  • Reauthenticate with your identity provider

  • Enter your Confetti MFA code

✅ You're All Set!

You now have a secure, streamlined SSO login flow for your Confetti workspace. Whether you're using Microsoft Entra ID, Okta, Auth0, Google, or any other OIDC-compliant provider, Confetti has you covered.


😺 Need help? Contact support — we’re happy to assist.

Did this answer your question?