Skip to main content

Finding your Base44 app ID and redirect URI

Before you start setting up SSO for your app, you need to find your Base44 app ID and create your redirect URI. To find your Base44 app ID:
  1. Open your app editor in Base44.
  2. Look at the browser URL. It should look something like this: 
    https://app.base44.com/apps/686404784ac37377589a1f7f/editor/...
  3. The string after /apps/ and before /editor/is your app ID. In this example: 
    686404784ac37377589a1f7f
  4. You need this ID to build your redirect URI. Replace the APP_ID in the link below with your actual Base44 app ID. 
    https://app.base44.com/api/apps/{{APP_ID}}/auth/sso/callback
    In this example, your redirect URI would be: 
    https://app.base44.com/api/apps/686404784ac37377589a1f7f/auth/sso/callback

Setting up SSO for:

Choose your provider to start setting up SSO.

Google

  • Set up SSO with Google accounts

Microsoft

  • Use Microsoft 365 or Entra ID for login

GitHub

  • Authenticate with GitHub accounts

Okta

  • Connect with your company’s Okta directory

Google

  1. Go to Google Cloud console.
  2. Click APIs & services.
  3. Click Credentials.
  4. Click Create credentials.
  5. Cick Create OAuth 2.0 client ID.
  6. Select Web application.
  7. Enter a name.
  8. Scroll down to Authorized redirect URIs.
  9. Click Add URI.
2025 09 14 15 44 30 Pn
  1. Enter your redirect URI.
https://app.base44.com/api/apps/{{APP_ID}}/auth/sso/callback
Make sure to replace the APP_ID with your actual Base44 app ID.
  1. Click Data Access and go to Scopes.
  2. During the OAuth consent screen setup, you’ll see a section to Add or remove scopes. These scopes allow Base44 to identify the user and access their email address after login. Use the search bar to find and select the following:
    • openid
    • https://www.googleapis.com/auth/userinfo.email
  3. Click Create.
  4. Copy the client ID and client secret.
  5. In Base44, click Dashboard in your app editor.
  6. Click Settings.
  7. Click Authentication.
  8. Click Single sign-on (SSO).
  9. Enter the client ID and client secret.
  10. Click Save SSO Settings. SSO for Google in Base44

Microsoft

(Azure / Entra ID)
  1. Go to the Azure portal.
  2. Click Azure Active Directory.
  3. Click App registrations.
  4. Click New registration. Connecting Microsoft Azure to Base44
  5. Register your app by completing the form:
    • Enter the name.
    • Select the account type.
    • Click the Select a platform drop-down and select Web.
    • Enter your redirect URI: 
      https://app.base44.com/api/apps/{{APP_ID}}/auth/sso/callback
      Make sure to replace the APP_ID with your actual Base44 app ID.
      2025 09 14 16 19 31 Pn
  6. Go to Certificates and secrets and select New client secret. SSO Microsoft3 Pn
  7. Go to API permissions and add the following scopes to allow Base44 to authenticate users and access their basic profile and email address:
    • email
    • openid
    • profile
    • User.Read
    SSO Microsoft4 Pn
  8. Copy the client ID, client secret, and discovery URL.
    • Single tenant: use your Azure tenant-specific URL
    • Multi-tenant or customer: Use this URL:
    https://login.microsoftonline.com/consumers/v2.0/.well-known/openid-configuration
  9. In Base44, click Dashboard in your app editor.
  10. Click Settings.
  11. Click Authentication.
  12. Click Single sign-on (SSO).
  13. Enter the client ID, client secret and discovery URL.
  14. Click Save SSO Settings.

GitHub

  1. Go to GitHub Developer Settings.
  2. Click NewAuth App under OAuth apps. SSO Git Hub1 Pn
  3. Fill out the form using the details:
    • Application name: e.g. “Base44 login”
    • Authorization callback URL: 
      https://app.base44.com/api/apps/{{APP_ID}}/auth/sso/callback
      Make sure to replace the APP_ID with your actual Base44 app ID.
      SSO Git Hub2 Pn
  4. Copy the client ID and client secret.
  5. In Base44, click Dashboard in your app editor.
  6. Click Settings.
  7. Click Authentication.
  8. Click Single sign-on (SSO).
  9. Enter the client ID and client secret.
  10. Click Save SSO Settings. SSO Git Hub3 Pn

Okta

  1. Go to your Okta admin dashboard. https://<your-okta-domain>.okta.com/admin
  2. Click Applications.
  3. Click Applications .
  4. Click Create app integration.
  5. Select the following settings:
    • OIDC - OpenID Connect
    • Web application SSO Okta1 Pn
  6. Click Next.
  7. In the app settings enter the following details:
    • **App name: **YourApp Okta Login
    • Sign-in redirect URI SSO Okta2 Pn
  8. Add the following scopes: SSO Okta3 Pn
  9. Copy the client ID, client secret, andIssuer URL (this becomes your discovery URL).
  10. In Base44, click Dashboard in your app editor.
  11. Click Settings.
  12. Click Authentication.
  13. Click Single sign-on (SSO).
  14. Enter the client ID, client secret and discovery URL. SSO Okta4 Pn
  15. Click Save SSO Settings.

Testing that SSO works

After saving your settings, follow these steps to make sure single sign-on is working as expected:
  1. Log out of your app if you are currently signed in.
  2. Go to your app’s login screen.
  3. Click Log in with SSO (or choose the provider you set up).
  4. Sign in using an email address from your verified domain.
If SSO is working, you’ll be logged into your app automatically. If you see an error or can’t log in, reach out to our support team, we’re here to help.

FAQs

Click a question to learn more about SSO.
No, SSO is optional. You can continue using your existing login method if it works for you. But if you’d like your team to log in with Google, Microsoft, GitHub, or Okta, SSO are available.
A redirect URI is a special link that tells your identity provider (like Google or Microsoft) where to send users after they log in. You’ll enter this when setting up SSO in your provider’s dashboard. It should look like this:
https://app.base44.com/api/apps/{{APP_ID}}/auth/sso/callback
Make sure to replace the APP_ID in the link above with your actual Base44 app ID.
A discovery URL is a link that tells Base44 how to connect to your identity provider. It helps Base44 automatically find the right settings, like where to send users to log in and where to get their info after they do.You’ll only need to use this with some providers:
  • For Google, you don’t need to do anything. Base44 handles it automatically behind the scenes.
  • For Microsoft (Azure) and Okta, your provider will give you a discovery URL. You’ll just need to copy it and paste it into the Discovery URL field in your Base44 SSO settings.
  • If you’re using GitHub, you can leave the discovery URL field blank as it’s not needed.
Note: If your provider gives you a discovery URL, you’ll paste it into the “Discovery URL” field in your Base44 SSO settings. If not, you can leave it blank.
Double-check the following:
  • Your redirect URI exactly matches what you entered in your provider’s dashboard
  • Your client ID, client secret, and (if applicable) discovery URL are correct
  • The scopes you added include at least: openid and email
If it still doesn’t work, reach out to our support team, we’re happy to help!
If your Google login still shows “base44.com” as the badge or app name, it means your Google project has not yet been approved. Once your custom Google project is approved by Google, your own app name or branding will appear during the login process. Until then, Base44’s default Google login is used.
To display your own app name during Google sign-in, finish setting up your custom SSO, publish the app, and submit your Google project for approval. After Google approves your project, your chosen app name or branding will appear instead of “base44.com.”