Login MethodsPrimary Factors

Log in with Microsoft

Add Log in with Microsoft support to your product without any code

Adding Log in with Microsoft to your Tesseral Project gives your customers the ability to use their Microsoft account to log into your product. Configuring Log in with Microsoft doesn’t require any code.

Configure Log in with Microsoft

To enable Log in with Microsoft for your product, open the Tesseral Console and go to your Project Settings. Scroll down to the “Microsoft settings” section and click “Edit”.

You’ll be prompted to enter a “Microsoft Client ID” and “Microsoft Client Secret”. These are credentials you’ll obtain from Microsoft. Here’s how:

  1. Go to the Azure Portal.

  2. Select an existing directory and app registration or create a new one.

  3. In the left sidebar, navigate to Azure Active Directory > App registrations.

  4. Click New registration.

  5. Give your application a name. The name won’t be shown to customers.

  6. Under Redirect URI, select Web and enter:

https://VAULT/microsoft-oauth-callback

Replace VAULT with your Project’s Vault Domain, which you can find under “Current Vault Domain” in your Project’s Vault Domain Settings.

  1. Click Register.

  2. After registration, go to Certificates & secrets and generate a Client Secret.

  3. Go to Overview and copy your Application (client) ID — this is your Client ID.

Input the Client ID and Client Secret into the Tesseral Console. Then switch on “Log in with Microsoft”.

You’ve now enabled Log in with Microsoft for your Project. Your customers can now sign in using their Microsoft account — no code changes required.

You can disable Log in with Microsoft at any time.

Customer Configuration

Your customer does not need to take any steps to use Log in with Microsoft. All new customer Organizations support Log in with Microsoft once you enable Log in with Microsoft on your Project.

It’s common for customers to want to disable Log in with Microsoft for their organization. They can do this self-serve from their Self-Serve Organization Settings, or you can do it on their behalf by:

  1. Going to your Project’s Organizations in the Tesseral Console.

  2. Choosing your customer’s organization from the list.

  3. Under the Organization’s “Details” section, click “Edit”.

  4. Under “Login settings”, switch “Log in with Microsoft” off.

Disabling Log in with Microsoft on an Organization only disables Log in with Microsoft for that specific Organization; all of your other customers can continue to use Log in with Microsoft.