Who is this article for?

Users encountering the SSO authentication error.

System admin permissions are required.

This guide outlines key configuration steps to resolve authentication errors during web app sign‑in and ensure seamless SSO integration.

1. Issue

Users may experience authentication errors when signing into the web application due to incorrect configuration of SSO URLs, redirect paths, client secrets, or token settings.

These errors often occur because of missing URL components, incorrect letter casing, or misconfigured permissions. Each configuration step must be followed carefully to ensure successful authentication.

2. Resolution

The following steps should help resolve the issue:

1. Check whether v2.0/ is included in the SSO URL when a user encounters an authentication error during sign‑in.
2. Ensure that the abbreviation QP in “qpulse” is always uppercase when entering URLs for web redirection. Include the trailing slash (/) for Live, Training, UAT, and any other URLs added.

3. When adding URLs under the single‑page redirect authenticate.aspx, ensure the letter A is capitalised for Live, Training, UAT, and any other URLs included.

4. Ensure that the client secret entered in the secret column matches the actual secret value, not the secret ID.

5. Add the following URL under the Graph endpoint: https://graph.microsoft.com/v1.0/me
6. Add the highlighted client ID in the appropriate field.

7. For the SSO URL, include the tenant ID after: https://login.microsoftonline.com/{Tenant.ID}/v2.0/

8. Ensure token configuration follows the sequence shown in the screenshot.

9. Under API permissions, select Grant permission to enable the API permission automatically.