Overview
This document contains instructions to configure Single Sign-On (SSO) into the Blueink
eSignature App using a Microsoft Entra ID OIDC connection.
The target audience for this document is Blueink Customers who use Microsoft Entra ID as their IdP (Identity Provider).
If you want to setup SSO using a different IdP or connection type, please visit help.blueink.com for additional guides.
Prerequisites
These instructions should be followed by someone who is an Admin of your Microsoft Entra ID account, or who otherwise has permissions to create and configure customer applications in Entra ID.
Summary Instructions
A quick summary of the steps is as follows. Detailed instructions, with screenshots, can be found in the following section.
Log into Microsoft Entra ID Admin Center (https://aka.ms/MSEntraPortal) as an Administrator, or as a user with permissions to create and configure Entra ID applications
Click App registrations and then New Registration
Input a name and select Accounts in this organizational directory only for Supported account types and click Register
Navigate to the Authentication section and select "Add a platform" under Platform configurations
Select web and input the Redirect URI from the SSO Connection provided by Blueink. Leave the rest blank and click "Configure"
Navigate to Certificates & secrets and select "New client secret". Enter a description of your new secret key, select your desired secret expiration length, and click Add.
Input the secret value as the Client Secret
Copy the Application (client) ID from the overview section in Entra as the Client ID, and set the Issuer to the https://login.microsoftonline.com/<uuid> base from the OAuth 2.0 authorization endpoint (excluding the /oauth2/v2.0/authorize) in the Endpoints tab.
Test a login with Using an email address of a User that already exists in your Blueink
eSignature Account.
Log out, and then visit this URL to login:
Detailed Instructions
Log into the Microsoft Entra Admin Center (https://aka.ms/MSEntraPortal) as an Administrator, or as a user with permissions to create and configure Entra ID applications.
Navigate to App registrations and select to create a New registration:
Input a name and select Accounts in this organizational directory only for Supported account types and click Register.
Navigate to the Authentication section and select "Add a platform" under Platform configurations.
Select web and input the Redirect URI from the SSO Connection provided by Blueink. Leave the rest blank and click "Configure.
Navigate to Certificates & secrets and select "New client secret". Enter a description of your new secret key, select your desired secret expiration length, and click Add.
Input the secret value as the Client Secret.
Copy the Application (client) ID from the overview section in Entra as the Client ID, and set the Issuer to the https://login.microsoftonline.com/<uuid> base from the OAuth 2.0 authorization endpoint (excluding the /oauth2/v2.0/authorize) in the Endpoints tab.
Test Your Blueink SSO Connection
Now that you have an SSO Connection set up, you can test it out as follows:
Log out of any active Blueink sessions in your browser
Visit the test SSO login page at: https://secure.blueink.com/auth/login
Enter your email address
You should be redirected to your Microsoft Entra login page and prompted to enter your credentials
You should then be redirected back to the Blueink dashboard and be logged in to your Blueink eSignature Account
If you have any issues, don't hesitate to reach out to [email protected].
Conclusion:
By following these instructions, you'll be able to configure Single Sign-On (SSO) in Blueink eSignature App using a Microsoft Entra ID OIDC connection. Should you require support during the setup process, please don't hesitate to reach out to [email protected]. Kindly note that the metadata URL should also be sent to this email address for assistance with SSO setup.