1 Open Applications and register
2 Name it and add its redirect URL(s)
Give the app a clear name (e.g. "Care portal"), then add the redirect URL — the address people are sent back to after they sign in (for example https://your-app.com/sso/callback).
3 Copy the key — it's shown once
When you register, Mission Control shows the app's secret key a single time. Copy it now.
4 Put the key into your app
In the app you're connecting, set two things: the address of the identity provider, and the key you just copied. With the Larauna SSO SDK that's an environment setting:
The app now delegates its login to Mission Control. (No code to write — the SDK handles the redirect and verifies the token.)
5 Test it
- Open the app and click sign in.
- You should be sent to Mission Control, sign in there, and land back in the app already signed in.
- If it bounces back with an error, the usual cause is a redirect URL that isn't on the allow-list — add the exact URL (step 2) and retry.
Managing an app later
- Rotate key — issue a fresh key (e.g. if the old one may have leaked). Update the app's config with the new key.
- Remove — the app can no longer use SSO. Its own local login (if any) still works.