Skip to content

Workspaces And Applications

Use this page when you need to understand what to create in SigID before users can sign in.

What These Words Mean

SigID term Plain meaning
Workspace or tenant The business container for apps, users, organizations, policies, and audit events.
Application The app configuration that sends users to SigID for sign-in.
Redirect URL The exact URL where SigID sends users after sign-in.
Allowed origin A browser origin allowed to start or complete sign-in.
Scope A named permission or access request the app asks for.

Users usually notice the application name and logo. Operators usually manage the workspace or tenant.

How To Set Up An Application

  1. Choose the workspace or environment.
  2. Create an application for the product or dashboard users will open.
  3. Use a display name and logo users recognize.
  4. Register exact redirect URLs for development, staging, and production.
  5. Register allowed origins for browser-based apps.
  6. Choose the scopes the app needs.
  7. Assign an owner who can answer questions about this app.
  8. Give developers the app values for the correct environment.

Keep Environments Separate

Do not mix development, staging, and production values.

Environment Keep separate
Development Local redirect URLs, test users, and non-production client IDs.
Staging Pre-production domains, staging support process, and test SSO connections.
Production Real domains, real users, production secrets, and launch support.

Mixing environments can send users to the wrong place or make a production app trust the wrong issuer.

Good Application Setup Looks Like

  • app name and logo match what users expect
  • redirect URLs exactly match the app
  • allowed origins are limited to the browser surfaces that need them
  • scopes are limited to what the app actually uses
  • production values are not copied into local development
  • each app has an owner and support contact

Developers can continue with Add Login To Your App.