Skip to main content
All CollectionsTroubleshooting & FAQSign-in & SSO
Reset SSO
Reset SSO
Updated over a week ago

Introduction

If your SSO expires or is misconfigured, you cannot access the workspace anymore. SSO has to be reset in such an event. The recommended way to do this is Request Emergency Admin Access. As alternatives to this, as a partner you can also use our SSO tool or the Provisioning API, as explained in this article.

For both options, the provisioning key of your instance is required.

SSO reset tool

You can reset the SSO configuration for an environment using our SSO reset tool, which you can download here. In order to reset SSO using the tool, you need the following:

  • The provisioning key of your instance. This is highly sensitive information and should be known in your organization. If you don’t have the key, contact support to request a new one

  • An SSO app registration with a valid client secret must exist in Microsoft Entra ID (previously called Azure AD) to link to the environment

We recommend using powershell to create a client secret that is valid for 99 years. You can find this script here. Note down the client secret you get from the script, as you need to enter this in the SSO tool when resetting SSO.

Once you have download the tool and meet the requirements above, follow the steps below to reset SSO:

  1. Download and unzip the tool

  2. Run W365-API-LinkSSO.exe

  3. When you run the tool for the first time, you need to enter some information to build a config file the tool will use to connect to your instance:

    • Please provide the Workspace 365 URL to use: enter your instance URL including https://
      Do not include a "/" behind the instance URL, otherwise you will get an error

    • Provide a new reference or accept current: enter the desired name for the config file that will be generated (e.g. your company name)

    • Enter the provisioning key for your instance. This is highly sensitive information and should be known within your organization. If you don’t know the provisioning key, contact support

    • Save the information you entered

  4. You will now see the following menu:​

  5. Type 1 and press Enter

  6. From the list that opens, select the environment for which SSO needs to be reset

  7. The menu will now show the selected environment. Note that you may need to scroll up to see the menu.​

  8. Type 2 and press Enter., you will need to enter the following information:

    • The domain used in the tenant

    • The Application (client) ID of the SSO app registration in Microsoft Entra ID

    • The Value of the SSO app registration's Client Secret

  9. If you entered the correct information, you will see confirmation the SSO app was successfully linked:​

  10. Log in to the environment to verify SSO is working again

Power Automate using Provisioning API

A Power Automate Premium license is required for this.

It's also possible to reset SSO using Power Automate, by utilizing our Provisioning API. Refer to Provisioning API example: Change SSO settings in Workspace 365 for instructions on how to do this.

Related Articles
How do I create a Workspace environment?
Manual setup of SSO
New tool available: SSO reset tool
About domain or tenant migrations in Microsoft Entra ID or Workspace 365
Provisioning API example: Change SSO settings in Workspace 365
Did this answer your question?