Vuelio supports OAuth 2.0 with Microsoft Azure Active Directory (Azure AD).
Here are the details we require to integrate your SSO with Vuelio.
Application ID:
Secret Expiry:
Secret Value:
PrimaryDomain:
Test user email address:
(preferably for the IT/network admin performing this setup)
Please also find our text guides below that will provide directions within Azure Entra ID to obtain this information. If you have any questions or issues along the way, please let us know.
Step-by-Step Walkthrough
The below is a general guide to enabling auth with Azure tenant, etc.
Authentication systems and types will differ per client, so some additional steps may be required following the below.
Standard Setup
1. Log onto the Azure Portal with an MA account.
2. In the left navigation, click on ‘App registrations’.
3. Click on ‘New registration’.
4. Enter the Name ‘Vuelio SSO App’.
5. Under the ‘Redirect URI (optional)’ heading, from the dropdown select ‘web’. In the adjacent textbox enter
6. Click the ‘Register’ button to create the app registration.
7. Once created, note the ‘Application (client) ID’.
8. In the left navigation, click on ‘Certificates & secrets’.
9. Click on ‘New client secret’.
10. Enter the Description ‘Vuelio SSO Secret’.
11. From the Expires dropdown select ‘730 days (24 months)’.
12. Click on the ‘Add’ button to create the secret.
13. Note the Expiry date.
14. Click on the copy button next to the Value and paste into your notes.
15. In the left navigation, click on ‘API permissions’.
16. Click on ‘Add a permission’.
17. Select the ‘Microsoft Graph’ API.
18. Click on ‘Delegated permissions’.
19. Select ‘openid’ and ‘profile’.
20. Click on the ‘Add permissions’ button to add the API permissions.
21. Click on ‘Grant admin consent for …’.
22. Click on the ‘Yes’ button.
23. Click on the 3 dots on the right-hand side of the ‘User.Read’ API permission, then click on ‘Revoke admin consent’.
24. Click on the ‘Yes, remove’ button to revoke admin consent.
25. In the left navigation, click on ‘Token configuration’.
26. Click on ‘Add optional claim’.
27. Select ‘ID’ as the Token type.
28. Select preferred_username and upn. The values supplied in these claims will be used to match the email address provided by the user during login.
29. Click on the ‘Add’ button to add the claims to the token configuration.
31. Go out of the App registration. then click on ‘Custom domain names’.
32. Note the Primary domain.
33. Open a browser and navigate to the following URL, replacing <PrimaryDomain> with the domain you noted in step 32
A response similar to the image below will appear:
34. Check for the following values
The ‘response_types_supported’ field contains ‘id_token’. If this is missing, follow the extra steps 35 - 37 below.
The preferred_username claim appears in the ‘claims_supported’ field. It would be advantageous to have the upn claim as well. If both of the claims are missing, please check you have followed all of the steps above.
Optional Steps.
Only perform these if the ‘id_token’ is missing from the ‘response_types_supported’ field in step 34.
35. In the left navigation, click on ‘Authentication’.
36. On the ‘Settings’ tab, tick the ‘ID tokens (used for implicit and hybrid flows)’ checkbox.
37. Click the ‘Save’ button.
After we receive your SOO setup information we will configure our system. Once configured, a 3 hour delay is required, after which time we will contact you to perform the first user test.
Please provide the email address of the test user - this cannot be an email address already registered to use the Vuelio application. Preferably your IT or network admin performing this setup.
Australian-based clients using Vuelio
N.B Australian-based clients using Vuelio should replace URL in step #5 with: