Skip to main content
Every AI Endpoint requires a sign-in. A provider is the identity service your users authenticate with before they can search. You manage providers in Identities → Providers, then attach one to each endpoint. Raily supports OAuth 2.0 and OpenID Connect providers. Use Raily’s own hosted sign-in, or bring your own from Google, Azure AD, Auth0, or any custom OAuth provider.
Adding, editing, or testing a provider is on the paid plan. On a trial you’ll see “Upgrade your plan to add identity providers.”

Providers you can add

Raily

Raily-hosted sign-in. No credentials to set up; it’s ready to use right away.

Google

Your Google OAuth credentials. Import them from a Google Cloud Console JSON file.

Azure AD

Your Microsoft Entra (Azure AD) OAuth app. Add a tenant ID for a single-tenant issuer.

Auth0

Your Auth0 tenant as the OAuth issuer.
A Custom option covers any other OAuth 2.0 or OIDC provider that exposes a standard issuer.

Add a provider

Go to Identities → Providers and click Configure OAuth Provider.
1

Name it and pick a provider

Enter an OAuth Client Name (your own label for this config) and choose the Provider: Raily, Google, Azure AD, or Auth0.
2

Enter the credentials

For Raily there’s nothing to enter; it’s configured for you. For every other provider, add:
  • Issuer URL: the provider’s OAuth or OIDC issuer.
  • Client ID and Client Secret from the provider’s app.
Azure also takes a Tenant ID (optional; defaults to common). For a Google app you can upload the credentials JSON from Google Cloud Console instead of typing the fields.
3

Discover the configuration

Click Discover Config. Raily reads the issuer’s OpenID configuration and fills in the endpoints, then you can save.
4

Test the connection

On the Providers list, click Test Connection. When it passes, the provider shows Verified.

Attach a provider to an endpoint

A provider only takes effect once an endpoint uses it. When you create or edit an endpoint, set Who can connect to the provider you added. Your users sign in with it before they can search. Every endpoint needs one; there is no open, no-auth option. See AI Endpoints for the full endpoint setup.