Before you begin: You’ll need a unique organization_id.
Contact your Account Manager or Pelanor Support to obtain it.


General Workflow

1

Create an OIDC application

Register an OIDC app in your IdP (Azure, Okta, or JumpCloud).

2

Add redirect URI

Use the format:

EnvironmentRedirect URI format
US (default)https://app.pelanor.io/api/auth/callback/{idp}-{organization_id}
EUhttps://app-eu.pelanor.io/api/auth/callback/{idp}-{organization_id}

Replace {idp} with entra, okta, or jumpcloud and {organization_id} with your unique value.

3

Assign users

Assign users in your IdP that should be allowed to access Pelanor.

4

Send config to Pelanor Support

Share the following with Pelanor:

  • Client ID
  • Client Secret
  • Issuer URL / IdP domain
5

Wait for confirmation

Pelanor will notify you when the SSO connection is active.


Finding Your Organisation Name

1

Open the Default Workspace

In Pelanor, go to Settings → Workspaces and click Default Workspace.

2

Copy the subtitle

The subtitle is your organization name, used for SSO login (lowercase, no spaces).


Logging in with SSO

1

Go to login page

Open the Pelanor sign-in screen.

2

Click 'Log in with SSO'

You’ll be prompted to enter your organisation name.

3

Enter org name and authenticate

Enter your name (e.g., acme), authenticate via your IdP, and access the platform.


Platform-Specific Instructions

Microsoft Entra ID (Azure AD)

1

Register the app

Azure Portal → Azure Active Directory → App registrations → New registration

2

Set redirect URI

Use:

  • US: https://app.pelanor.io/api/auth/callback/entra-{organization_id}
  • EU: https://app-eu.pelanor.io/api/auth/callback/entra-{organization_id}
3

Create secret and collect info

  • Create a secret under Certificates & secrets
  • Copy the Client ID and Issuer URL
4

Assign users

Navigate to Users, and assign Pelanor access.


Okta

1

Create app integration

Okta Admin Console → Applications → Create App Integration

  • Sign-in method: OIDC
  • Application type: Web
2

Set redirect URI

Use:

  • US: https://app.pelanor.io/api/auth/callback/okta-{organization_id}
  • EU: https://app-eu.pelanor.io/api/auth/callback/okta-{organization_id}
3

Assign users and collect credentials

Assign users under Assignments
Copy the Client ID, Client Secret, and Okta domain


JumpCloud

1

Add new OIDC app

JumpCloud Admin → USER AUTHENTICATION → SSO Applications → + Add New Application

2

Choose custom OIDC

Select OIDC / Custom Application, then click Next.

3

Set redirect URI and grant type

  • US: https://app.pelanor.io/api/auth/callback/jumpcloud-{organization_id}
  • EU: https://app-eu.pelanor.io/api/auth/callback/jumpcloud-{organization_id}
    Grant Type: Authorization Code (enable Refresh Token if needed)
4

Activate and assign

Copy Client ID, Client Secret, and Issuer URL
Assign users via the Assignments tab