# Configuring SSO These examples assume you are self-hosting Pipekit on the subdomain `pipekit.example.com`. Replace this with your actual domain. ## GitLab 1. Go to your GitLab group settings and click on "Applications" 2. Click on "New Application" 3. Fill in the details: * Name: \[Choose a unique App name] * Redirect URI: * Tick "Confidential" * Scopes: * read\_user * openid * profile * email 4. Click "Save application" 5. Note down the Application ID and Secret and pass them to the [Helm Chart Values](/self-hosting-pipekit/helm-chart.md) to configure Pipekit. ## Microsoft (Azure AD/Entra) Social Login 1. Create a new app registration in your Azure AD tenant. 2. Fill in the details: * Name: \[Choose a unique App name] * Supported account types: Choose the account types you want to support. * Redirect URI: * Platform: Web * 3. After creating the app, create a Client Secret and note it down. 4. Then add the following API permissions: * Microsoft Graph: * email * openid * profile * User.Read 5. Note the Application (client) ID and pass it along with the Client Secret to the [Helm Chart Values](/self-hosting-pipekit/helm-chart.md) to configure Pipekit. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.pipekit.io/self-hosting-pipekit/configuring-sso.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.