Gradial supports two secure methods for setting up Single Sign-On (SSO) in your organization:
  • Recommended: Use a Microsoft Entra ID (Azure AD) admin account for automatic setup
  • Alternative: Manually provide OAuth2 / OpenID Connect credentials

Overview

If your organization uses Microsoft Entra ID (formerly Azure Active Directory), this is the fastest and most secure setup method. Gradial is a verified publisher in the Microsoft Azure Marketplace, so your IT team can trust the flow and consent screen.

Steps to Enable SSO

  1. Log in to Gradial
    Go to: https://www.gradial.com/app/login
  2. Select Microsoft Login
    Click “Sign in with Microsoft”
  3. Authenticate as an Admin
    Use a Microsoft account with Entra ID admin rights. The first login will prompt a Microsoft consent screen.
  4. Grant Permissions
    Review the requested permissions and click Accept to authorize Gradial.
  5. SSO Activated
    Gradial links to your Microsoft tenant. All users from your domain (e.g., @company.com) can now log in with Microsoft.

Why Choose This Method?

  • No manual configuration (metadata, certificates, OAuth)
  • Quick and seamless
  • Verified by Microsoft

Additional Notes

  • Gradial appears under its legal entity name in Azure Marketplace (Panorama Artificial Intelligence Corp)

Option 2: Manual OAuth2 / OpenID Connect Setup

Overview

This option is for organizations using a non-Microsoft identity provider or requiring manual configuration. Gradial supports any OAuth2-compliant provider that implements OpenID Connect.

Required Information

Please share the following details securely with your Gradial customer success contact:
FieldDescription
Provider NameDisplay name (e.g., Company SSO)
Well-known EndpointDiscovery URL (e.g., https://login.microsoftonline.com/<tenant-id>/v2.0/.well-known/openid-configuration)
Client IDPublic identifier of the application
Client SecretPrivate key (share securely)
DomainEmail domain (e.g., company.com)

What Gradial Will Do

  • Configure and validate the integration
  • Test the login flow
  • Notify you when user login is enabled

Additional Notes

  • Your identity provider must support OpenID Connect and authorization code flow
  • Share secrets only through secure channels