Setting up SSO for Magic Notes with Microsoft Entra ID

To get setup with SSO for Magic Notes you first need to register an application with the Microsoft identity platform.

We will need the following from you to set up the Entra ID connection:

• Microsoft Azure AD domain
• Application (client) ID
• Client Secret Value (not Secret ID)
• Home Realm Domains (the emails your users login with)

Please fill out the following form with all the details: https://forms.gle/fiphJGUB8iNLJrVq9

URLs You Need for Your Setup

These URLs should be added as Web Redirect URIs in your Azure AD application:

• https://magicnotes.kinde.com/login/callback
• https://auth.magicnotes.ai/login/callback

How to add the URLs to your Entra ID app 

• From your Application page, click the link beside “Redirect URIs”
• Under Web click“Add URI”.
• In the relevant field, enter the URLs, ensuring that both are included.
• Select Save.

Client Secret 

Follow the steps here in the Add Credentials section. 

Other Options

Front-channel logout URL: 

This can be left blank.

Implicit grant and hybrid flows: 

These can be left unchecked.

How to find your Microsoft Azure AD Domain

• Sign in to the MS Azure Portal (https://portal.azure.com) using your Microsoft account.
• Select Microsoft Entra ID in the list of options.
• Go to Custom domain names.
• You’ll see a list of domain names, including the default *.onmicrosoft.com domain and any custom domains you've added.

Permissions

An Entra ID admin will need to grant permissions to the app by logging in to Magic Notes before anybody else can use it. Alternatively, you can add the following permissions to the API Permissions in your App Registration and ensure that Admin consent is not required. 

UPNs

Important! 

Please let us know if your organisation uses a different UPN than the email address provided to us.

For example, if instead of firstname.lastname@organisation.gov.uk you use something like  1234abcd@organisation.gov.uk for logging in.