Skip to main content
Skip table of contents

Single Sign-On (SSO) with Entra ID

Single Sign-On (SSO) allows your users to access MyQ Roger Client (MRC) automatically with their Windows account. When enabled, MRC authenticates them based on their Entra ID (Azure AD) domain login, so they do not need to enter credentials each time the client starts. The feature is only supported on Windows.

Requirements

  • The workstation is joined to the Entra ID domain.

  • The MRC installation defines a Tenancy Name.

  • The MRC installation is configured with SSO enabled.

Enabling SSO

To enable SSO, customize your MRC installer with the parameter USERSINGLESIGNON="true".

After installation completes, MRC determines whether SSO is applied based on the workstation’s domain configuration.

Authentication Workflow

For Entra ID–joined machines, Microsoft’s Authentication Library (MSAL) uses cached tokens or the existing Windows session to perform silent authentication. In practice, this means users typically log in without seeing any prompts.

In hybrid environments (on-premises Active Directory federated with Entra ID), the first login requires user interaction (credentials or MFA approval). Once the initial refresh token is cached, subsequent logins are silent.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close