Skip to content
English
Customer Support
  • There are no suggestions because the search field is empty.

đź”— Set up Microsoft Entra ID Single Sign-On (SSO)

STEP-BY-STEP GUIDE TO SSO CONFIGURATION IN CASEBASE.

This article is a comprehensive step-by-step guide on how to configure user authentication for your Casebase account so that app users in your organization can sign in using the Microsoft Identity Platform (Microsoft Entra ID) as an authentication provider via Single Sign-On.

đź“„Content:
A) Create app (EntraID)
B) Register app (EntraID)
C) App authorizations (EntraID)
D) Configuration (Casebase)
E) SSO testing (Casebase)
F) App access restrictions (EntraID) - optional

 

ℹ️: Ensure you have the necessary Microsoft Entra ID admin roles (consult your IT department if needed) and the Casebase administrator role to complete these settings.

 

HOW TO SET UP MICROSOFT ENTRA ID SINGLE SIGN-ON IN CASEBASE

 

A) Creating a New Application in Microsoft Entra ID

  1. Log in to the Microsoft Entra Admin Center.
    If you have access to multiple tenants, use the settings icon at the top of the menu to switch to the desired tenant via the “Directories + Subscriptions” menu, where the application should be registered.
  2. Navigate to App registrations
    (Identity > Applications > App registrations)
  3. Click on + New registration
  4. Create a new app registration:
    1. Assign a name to the app (e.g., Casebase SSO).
    2. Select the supported account types
      (e.g., Accounts in this organizational directory only). A description of the various account types can be found in the application registration guide.
    3. Do not enter a redirect URI yet. This configuration will be done in the next step.
  5. Complete the app registration by clicking Register.

 

🚨 Write down the Application (client) ID and Directory (tenant) ID shown on the app overview page.ight

đź”—Microsoft documentation for this step

 

 

B.) Registering the Redirect URI (your Casebase response URL)

  1. Navigate again to App registrations in the Microsoft Entra Admin Center
    (Identity > Applications > App registrations)
  2. Select the app you created in the previous step (Casebase SSO).
  3. Choose Authentication from the app’s side menu under the Manage section.
  4. Click + Add a platform
  5. Under Web applications, choose the Single-page application button.
  6. Under Redirect URIs, now enter the specific Casebase redirect URI
    (e.g., https://[your-domain].casebase.ai/)
  7. Do not check any of the boxes under Implicit grant and hybrid flows.
    Click Configure to complete adding the redirect URI.

đź”—Microsoft documentation for this step

 

 

C.) Adding App Permissions

  1. Navigate again to App registrations in the Microsoft Entra Admin Center
    (Identity > Applications > App registrations)
  2. Select your app (e.g., Casebase SSO)
    1. Choose Certificates & secrets from the app’s side menu under the Manage section.
      Under Client secrets, click + New client secret.
    2. Provide a description for the new client secret (e.g., Graph API access for Casebase).
    3. Choose an expiration period for the client secret (e.g., 12 months).
    4. Click Add to complete the creation of the new client secret.

  3. Go to API permissions under the Manage section in the sidebar.
    1. Click + Add a permission.
    2. Choose Microsoft Graph.
    3. In the Request API permissions section, select Application permissions.
    4. Search for “user” in the search bar.
    5. Under the User dropdown, enable User.Read.
    6. Click Add permissions.
    7. Grant admin consent for the added permission. More details can be found here.

đź”— Microsoft documentation for this step

 

 

D.) Configuring SSO in Casebase

  1. Open a new browser tab with your Casebase app.
  2. Navigate to Company Settings (gear icon in the upper right corner).
    Note: If this icon is not visible, you do not have admin rights and cannot configure SSO in Casebase.
  3. Navigate to Integrations in the side menu of the company settings, then select Microsoft SSO.
  4. Enter the Microsoft SSO configuration data into the provided input fields:
    1. Enter the Application ID (Client ID).
      If it’s not cached, you’ll find it under Microsoft Entra ID > Identity > Applications > App registrations > Casebase SSO > Overview page.
    2. Enter the Directory ID (Tenant ID).
      If it’s not cached, you’ll find it under Microsoft Entra ID > Identity > Applications > App registrations > Casebase SSO > Overview page.
    3. Click Update to save the settings.

 

E.) SSO Login Testing

 

Tip: Use a login with an e-mail address and password to test the configuration.

    Once you have set up and update the SSO configuration, a "Test SSO Configuration" button will appear.
    Clicking it will open a Microsoft login page where you can sign in with your Microsoft work account.

    âś… If the configuration is successful, you will be redirected back to the SSO configuration page.

    ❌ If the configuration is incorrect, Microsoft will display an error message with details about the issue.
    Use your browser to navigate back to the SSO configuration page in Casebase, correct the entered values, save the changes, and test the SSO configuration again.

    đź’ˇAs soon as we have entered values in the integration mask, the SSO login is displayed on your https://[custom domain].casebase.ai/login/, even if the values may be incorrect. Due to the lack of authorization to read your Micorosoft EntraID data, we can only test the configuration to a limited extent.

     

    F) Access Restriction to Casebase via EntraID User Groups (optional)

    Optional you can restrict the registered Entra ID app to those users who should have access to Casebase—regardless of their role-based permissions (which can be managed via Casebase). 

    F1) Enable User Assignment for the Casebase App

    1. Sign in to the Microsoft Entra Admin Center.

    2. If you manage multiple tenants, use the "Directories + Subscriptions" filter at the top to select the correct tenant.

    3. Navigate to Entra ID > Enterprise Applications > All Applications.

    4. Locate and select the Casebase application.

    5. In the left menu, go to "Properties".

    6. Set "Assignment required?" to "Yes".

    7. Click "Save" at the top to apply the change.

    ℹ️: Once assignment is required, users must be explicitly assigned to the app to access it. End-user consent will no longer be allowed—make sure a global administrator grants tenant-wide admin consent if needed.

     

    F2) Assign Users and Groups

    1. In the Casebase app, go to "Users and groups" and click "Add user/group".

    2. In the "Users" section, select the desired users or groups.

    3. (Optional) If Casebase supports app roles, you can assign roles here.

    4. Click "Assign" to confirm.

    5. Once assigned, users and groups will appear in the list and will be able to sign in via SSO.

     

    đź”— Restricting a Microsoft Entra app to a group of users