Xelto supports SSO authentication with the following identity providers:
Google - Organizations using Google Workspace
Microsoft Entra ID - Organizations using Microsoft 365 / Azure
Okta / Auth0 - Organizations using Okta Identity Platform
Once configured, your users will be able to log in to Xelto using their existing corporate credentials.
Before you begin, ensure you have:
Administrator access to your identity provider (Google, Azure, Okta)
The organization name you want to use (e.g., acme)
Access to configure applications in your identity provider
After successful setup, users will be able to log in to the system using the provided SSO name and the configured identity provider.
Go to Google Cloud Console
Select your organization's project (or create a new one)
Navigate to APIs & Services → Credentials
Click Create Credentials → OAuth client ID
Select Web application
Configure:
Name: Xelto SSO
Authorized redirect URI: https://t7uq4ebbhvpci.azurewebsites.net/signin-google
Click Create
Copy the Client ID and Client Secret
If your users will access Xelto from iOS devices:
Create another OAuth client ID
Select iOS as application type
Enter the Xelto iOS Bundle ID (provided by Xelto support)
Copy the iOS Client ID
Go to Azure Portal
Navigate to Microsoft Entra ID → App registrations
Click New registration
Configure:
Name: Xelto SSO
Supported account types: Select based on your needs:
Single tenant: Only users from your organization
Multi-tenant: Users from any Azure AD organization
Redirect URI:
Platform: Web
URL: https://t7uq4ebbhvpci.azurewebsites.net/signin-entraid
Click Register
After registration, from the Overview page, copy:
Application (client) ID
Directory (tenant) ID
Go to Certificates & secrets
Click New client secret
Add description: Xelto SSO
Select expiration (recommended: 24 months)
Click Add
Important: Copy the secret value immediately (it won't be shown again)
Go to API permissions
Click Add a permission → Microsoft Graph → Delegated permissions
Add these permissions:
openid
profile
Click Grant admin consent for [Your Organization]
Log in to Okta Admin Console
Go to Applications → Applications
Click Create App Integration
Select:
Sign-in method: OIDC - OpenID Connect
Application type: Web Application
Click Next
Fill in:
App integration name: Xelto SSO
Grant type: ✅ Authorization Code (checked)
Sign-in redirect URIs: Callback URL provided by Xelto support
Sign-out redirect URIs: (optional) Logout URL provided by Xelto support
Under Assignments:
Select who can access the application
Recommended: Limit access to selected groups for better control
Click Save
From the application's General tab, copy:
Client ID
Client Secret
Your Okta domain is visible in the URL: https://your-domain.okta.com