Okta SAML SSO Setup

Full walk-through to set up and enable Okta SSO with Tovuti.

Step 1: Create New SSO Provider

Click on > People


Open > Single Sign-On

Click > New

Enter the Title and Details

Go to > Service Provider Settings where a unique EntityID/Issuer is created for you

Step 2: Configuring Okta as Identity Provider (IDP)

Log into Okta Admin Console > Click on Applications

Click on > Add Application

Click on > Create New App

    Select Web and SAML 2.0 and then click > Create

    In General Settings, enter the App Name, select both checkboxes for App Visibility, and click on > Next

    In SAML Settings, enter the following information found in the Service Provider Settings:

    Configure Attribute Statements and Group Attribute Statement (Optional)

    *If you want to include all Groups in the SAML Assertion, use Matches regex with the value .*

    The Final Step in your Okta App Configuration is to use the settings in the image below and click > Finish

    Assigning Groups/People In Okta

    After creating and configuring the app, go to the > Assignment Tab in Okta.

    Here, select the people and groups you want to allow to log in through this app.

    Assign the app to the people/groups you would like to give access to.

    After assigning the people/groups to your app, go to the > Sign On tab.


    Click on > View Setup Instructions to get the Identity Provider Issuer, Identity Provider Single Sign-on URL and X.509 Certificate

Step 3: Finish Configuring Tovuti as Service Provider (SP)

    Enter the following information found in the Okta Setup Instructions:

    1. Identity Provider Issuer
    2. Identity Provider Single Sign-on URL
    3. X.509 Certificate.


    Click > Update and then click > Test Configuration (this will show you what Attributes and Values are being sent in the Okta SAML Assertion; this will help you map Fields and Groups).

Step 4: User Profile Field and Attribute Mapping

    • Attributes are user details that are stored in your Identity Provider.
    • Attribute Mapping helps you to get user attributes from your Identity Provider and map them to Tovuti user attributes like firstname, lastname etc.
    • While auto registering the users in your Tovuti site, these attributes will automatically get mapped to your Tovuti user details.
    • In Tovuti, go to the User Profile Field Mapping tab and fill in all the fields.

    *You can check the Test Configuration Results under the Identity Provider Settings tab to get a better idea of which values to map here.

Step 5: User Group Mapping

    • While auto registering, the users are assigned roles based on the group they are mapped to.
    • Assign a default User Group
    • Enter the Attribute Name for Okta Roles/Groups

    *You can check the Test Configuration Results under the Identity Provider Settings tab to get a better idea of which values to map here.
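
An added example (not code from Tovuti or Okta) for Steps 3 to 5: it reads the attribute statement of a SAML assertion, the data Test Configuration displays, and checks a planned field and group mapping against it, listing group names that are sent but never mapped, which is what a `.*` group filter tends to produce. The sample assertion, the attribute and group names, and the mapping model (mapped groups, else the default group) are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion. Attribute and group names are assumptions; use
# the names your own Test Configuration results show.
SAMPLE = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:AttributeStatement>
  <saml:Attribute Name="firstName"><saml:AttributeValue>Ada</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="email"><saml:AttributeValue>ada@example.com</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="groups">
   <saml:AttributeValue>Everyone</saml:AttributeValue>
   <saml:AttributeValue>LMS-Learners</saml:AttributeValue>
   <saml:AttributeValue>Domain Admins</saml:AttributeValue>
  </saml:Attribute>
 </saml:AttributeStatement>
</saml:Assertion>
"""

def assertion_attributes(xml_text):
    """Return {attribute name: [values]} from a SAML 2.0 assertion.

    Inspection only: no signature check, and only for XML you produced
    yourself (ElementTree is not hardened against hostile XML).
    """
    attrs = {}
    root = ET.fromstring(xml_text)
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def review_mapping(attrs, field_map, group_attr, group_map, default_group):
    """Compare a planned field/group mapping with what the assertion carries."""
    sent = attrs.get(group_attr, [])
    return {
        # profile fields whose source attribute is absent or empty
        "missing_fields": sorted(f for f, a in field_map.items() if not any(attrs.get(a, []))),
        # groups the user would land in; fall back to the default group
        "assigned_groups": sorted({group_map[g] for g in sent if g in group_map}) or [default_group],
        # group names disclosed to the SP that no mapping uses
        "unmapped_groups": sorted(g for g in sent if g not in group_map),
    }

if __name__ == "__main__":
    fields = {"First Name": "firstName", "Email": "email", "Phone": "phone"}
    print(review_mapping(assertion_attributes(SAMPLE), fields, "groups",
                         {"LMS-Learners": "Learners"}, "Registered"))
```

A non-empty unmapped_groups list is a reason to narrow the Okta group filter so that only the groups Tovuti maps leave the identity provider.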

Step 6: Enable Login Link

    Go to the Details Tab and click Yes for Add Login Link to Navigation, then select the menu that you want the link to appear on and give the link a name.

    Click Save and your Okta SSO is now set up.

    (make sure to run multiple tests to ensure that all of your settings are correct)