We’ve developed some resources to help you work effectively from home during COVID-19 Click to learn more

Can I use my domain for federated sign-in?

In this article

    Before you start setting up federated sign-in with SuperID, you need to identify the provider and check if your domain name is viable to use as an IdP for SuperOffice CRM Online.

    You can use either G Suite Toolbox Dig or Microsoft OpenId record lookup tool to check domain compatibility.

    G Suite Toolbox Dig

    The G Suite Toolbox can be used to identify problems with G Suite services. Dig supports looking up MX records for both Google and Microsoft domains.

    1. Go to https://toolbox.googleapps.com/apps/dig/

    2. Enter your domain name and select MX.

    3. Look at the response: if you see ANSWER and that section lists at least 1 entry with outlook, google, or similar you should be good to go! For example:

      ;ANSWER vg.no. 299 IN MX 5 ALT2.ASPMX.L.GOOGLE.COM.

      image37bqk.png

     

    Microsoft OpenID record lookup tool

    This tool supports Microsoft domains only.

    1. Insert your domain name in the following URL and go to that page:

       https://login.microsoftonline.com/YOURDOMAIN/.well-known/openid-configuration
    2. If the answer includes authorization_endpoint or similar you should be good to go! For example:

      "authorization_endpoint":"https://login.microsoftonline.com/8e414aee-d6e1-4d13-98c8-d3876cd2b05/oauth2/authorize"
      imagee2e8r.png

      "error":"invalid_tenant" indicates this will not work for a Microsoft account

      imagep7ymp.png