Security
Single Sign-On (SSO)
Light mode
T
Getting started
Start guide
Architectures
Published
Designs
Generate
Resources
Insights
Toolbar
Account
Preferences
Security
SCIM Provisioning
Single Sign-On (SSO)
Company
Workspace
Members
Teams
Billing
Activity
Configuration
Cloud
Documents
Guardrails
Scopes
Updates
Changelog

Single Sign-On (SSO)

Introduction

Overview

Intro

SSO Setup Email

Dawnguard will send your technical PoC a one-click SSO setup e-mail. Once you receive this e-mail, you have 48 hours to click the link in the e-mail to connect your Entra-ID to Dawnguard. If your e-mail has expired, please request a new e-mail from customer support.

Selecting your SSO domain(s)

After clicking the link in the SSO setup e-mail, you will be taken to the Dawnguard application. The system will then ask you to;

1. Provide the email domains that your users sign in with.

For example, if your user's login with email@company.com OR email.company.nl you should register both company.com and company.nl. Registering these domains allows our system to determine which customer is signing in, without requiring customer-specific domain names.

2. Click continue to Microsoft

3. Login with your Microsoft account

Granting permissions

Once you have logged-in, Entra-ID will prompt you to provide consent to the permissions needed by the Dawnguard App. You can click "Accept" to continue.

SSO Setup Complete

You are now redirected back to the Dawnguard app. Your SSO has succesfully been connected.

To login, you should navigate to the Azure portal and assign users to the newly created "Dawnguard One-Click Connect" Enterprise app to provide access to the system.

Create App Registration

  1. Go to https://portal.azure.com.
  2. In the search bar, type App registrations and select it under Services.
  3. Click + New registration.
  4. In the Name field, enter Dawnguard.
  5. Under Supported account types, select: Accounts in this organizational directory only.
  6. In the Redirect URI section, select Single-page application (SPA) under Select a platform.
  7. Copy and paste the following value:
Input Value
Redirect URI https://dawnguard.app/
Copy
  1. Click Register to complete the registration.
  2. Under Manage, select: API permissions.
  3. In API permissions click Grant admin consent for [your company name].
  4. The status of the API / Permissions name will change to Granted for [your company name].

Share OIDC Details

  1. In the search bar, type App registrations and select it under Services.
  2. Under All applications, click the newly created Dawnguard app registration.
  3. In the Essentials section, locate and copy the Directory (tenant) ID and Application (client) ID.
  4. Open the email from Dawnguard with the subject Dawnguard SSO Configuration Details.
  5. In the form included in that email, paste the following values:
Input Value
Company domain name E.g. dawnguard.ai
OIDC Authority Directory (tenant) ID
OIDC Client ID Application (client) ID
  1. In the form, under Customer Cloud, select your cloud provider (AWS, Azure, or GCP).
  2. Click Submit.
  3. Dawnguard will create your organization environment.
  4. You will be contacted by email to schedule a kickoff call once SSO has been configured.