This page provides documentation on integrating an Identity Provider (IdP) with Unique's authentication system, enabling a seamless and secure SSO experience for the users. Unique uses Zitadel as its Identity and Access Management (IAM) solution and various IdPs can be connected to it for allowing users to login via Single Sign-On.
...
The Group.Read.All permission needs to be manually added. This can be done by clicking on the “+ Add a permission” button on the top of the list. Select the “Microsoft Graph” API and choose the “Application “Delegated permissions” tab on top. This allows the Unique solution to query the group names for the group IDs received in the groups claim on the ID token.
Make sure that the status column indicates “Granted for …” for all the added API permissions. The Group.Read.All permissions requires explicitly granting admin consent by using the “Grant admin consent for …” button above the permission list.
...
Certificates & secrets
After the application has been registered and configured, create a Client Secret by navigating to “Certificates & secrets” and copy the value of the secret. The secret is only visible once and is needed in order to setup SSO with Unique.
...
If you are running on a Unique managed environment (Multi- or Single-tenant), then this is all you need. Provide these values to Unique in a secure way (sensitive client credentials) and Unique will take care of enabling SSO for your organization.
...