How to Set Up BoldDesk with Azure AD Single Sign-On

In BoldDesk you can configure Single Sign On (SSO) using OAuth2.0 and Open ID Connect. In this article, you will learn about the steps to configure the Azure AD SSO login in BoldDesk.

Check out this video tutorial.

Azure AD

Follow the given steps to configure the Azure AD SSO login in BoldDesk:

1. Go to Admin > Customer Portal > Login
2. Select Open ID Connect.

3. Go to your Azure AD portal and navigate to Azure Active AD > App registrations > New registration.

4. You can either use your existing Application or create a new one.

5. After creating the application, you can view it on the overview page as shown:

6. To generate the client credentials, click on the Add a certificate or secret option and generate the secret keys.

7. Go to overview and click the Add redirect URL.
8. Then select the Add a Platform option and choose “Web”, copy the callback URL from the BoldDesk SSO configuration page and paste it there
9. Enable the ID Tokens checkbox and Configure.

10. Now go to your BoldDesk Portal

• Client ID: This will be available in the Azure AD App’s overview page

• Client Secret – Paste the secret you created in the Azure AD Application.

• Authority: To configure the authority URL, use the following format:

  • https://login.microsoftonline.com/<Directory (tenant) ID>/
  • For example, if the Directory (tenant) ID in the Azure portal is 7e6ea6c7-a751-4b0d-bbb0-8cf17fe85dbb, the authority URL is ‘‘https://login.microsoftonline.com/7e6ea6c7-a751-4b0d-bbb0-8cf17fe85dbb/’’.
  • Tenant ID: Copy the Directory (tenant) ID from the Azure portal.

OAuth 2.0

To use OAuth 2.0 all the above steps are the same except for the endpoints. to get the end points, please find the following steps:

1. Go to the Overview section in Azure AD portal.

• Token End point :

• Get the first token end point. Use the version 2 endpoints

• Authority :

• Get the Authority end point from the list. Use the version 2 endpoints

• For user Info end point use this ‘‘https://graph.microsoft.com/oidc/userinfo’’.

2. After updating, go to your login page, you can see the login option enabled.

Similarly, BoldDesk lets you configure any Identity provider. The methods outlined above are also applicable to the Agent portal.

To address the problem with the identity provider

If you experience an issue such as “Unable to get the email address from the selected identity provider” after configuring the SSO login (this issue is that BoldDesk is unable to retrieve the email address information from the Identity Provider), please follow the procedures to resolve it.

On the application Overview page, find the Token configuration as shown in the screenshot below.

1. Click the Add optional claim option.
2. If you used Open ID connect, select the ID as the token type on the Add optional claim screen.
   • Select the email and preferred_username under Claim.
3. If you used OAuth, select Access as the token type. Both Open ID and OAuth use the same claim selections.

4. Ensure that the registered users in Azure Active Directory have proper email details in all the necessary columns as shown in the screenshot.

Unable to receive Access token

You may face an error message stating that we are unable to receive the access token from the identity provider. Please enable both the access token and the ID token for the app. Normally, OAuth 2.0 will use the access token, and OpenID will use the ID token. Please refer to the screenshot below.