Documentation‎ > ‎

Connect to BeeBole with Single Sign On (SSO)

You can connect to your BeeBole Timesheet account using Single Sign On.
The SSO process is based on OpenID Connect/OAuth2.

This documentation is generic to OpenId Connect/OAuth2 configurations which can be used with SSO solutions such as Okta or OneLogin.
We also have built in SSO integrations for Google Workspace and Microsoft, but in these cases, please refer to our Google Workspace or Microsoft configuration.

Configuration

To configure SSO for your account go first to Settings > Account and open the OpenId SSO section.
The following screen will appear.


Parameters

The OpenId Connect/OAuth2.0 protocol is a standard way of ensuring secure connection to third party tools such as BeeBole from your SSO portal.
There are many solutions available and most of them will use the same principles.

In the SSO portal, you will need to create a BeeBole app.
While doing so, you will receive a client ID and a client Secret you will need to add in BeeBole under the ad-hoc fields.

Each SSO portal will have a specific API endpoint to authorize and deliver a token.
Please refer to your SSO Portal documentation to get these URIs.

During the creation of a BeeBole app in your SSO portal, you will need to give an initial login URI and a login redirect URI.
The URI can be retrieved in the BeeBole OpenID section as shown in the screenshot attached to this documentation.
Terminology used for these URI might change depending on the SSO portal used.

Examples

To ease the configuration, here are examples with well known SSO portals: