Single Sign-On with Okta
This document will guide you through the integration of Okta with Applivery for both the App Store and the Dashboard.
Step 1 - Get the Service Provider information from Applivery
Go to your Organization Settings and scroll down to the Login providers section. Now click the gear icon beside the SAML row, depending on whether you want to configure it for the Dashboard or for the App Store.
You will now see your SAML configuration, including a pre-configured SAML metadata XML file that you will be able to import into your Identity Provider.
Since Okta does not allow uploading the Applivery pre-configured metadata XML, you can use the fields below to map the required params:
- Single Sign On URL:
- Audience URI (SP Entity ID):
Step 2 - Configure your Okta Identity Provider
Now that you have your Service Provider information, it’s time to configure it in your IdP. In this case we will use the Okta platform, which allows you to configure any Service Provider supporting SAML 2.0.
Step 2.1 - Log in to the Okta Admin Portal and create an App
Log in to your Okta Portal and go to Applications. Then click the green + Add Application button at the top of the page, choose Create new app and select SAML 2.0.
Step 2.2 - Configure SAML
Give a name to your new App and optionally upload the Applivery logo to easily identify it. Then click Next.
In the next screen fill out the Single sign on URL and Audience URI with the values mentioned above. Additionally select Name ID format = EmailAddress and Application username = Email. Leave the rest of the fields with the default values.
Then scroll down to GROUP ATTRIBUTE STATEMENTS section and use the following configuration to enable sending Okta groups to Applivery:
- Name format: URI Reference
- Filter: Use your preferred configuration based on your needs. For instance, you can choose “Start with” and type something that will be used as a prefix, so that all groups matching that prefix in your Okta Directory will be sent to Applivery, or choose “Matches regex” and type .* to always send all groups, or define any other regular expression.
Once configured, click Next.
Step 2.3 - Download Federation Metadata XML file from Okta
In the next screen select “I’m an Okta customer adding an internal App” and click Finish.
You will be redirected to the Sign On screen where you will be able to download the Federation Metadata XML under the link Identity Provider Metadata. Click the link and save the XML file.
Go back to the Applivery Dashboard > SAML Provider screen (same as in Step 1 of this tutorial) and upload the Federation Metadata XML file under Step 2. Then click Save changes.
Once saved, use the switch button to enable your new SAML integration in your organization.
Step 3 - Test it out
And that’s it! Now that you have both ends (Okta & Applivery) connected, you can add some authorized users to Okta (going to Directory > People), making sure you add this new Okta App to each of the.) Then navigate to your App Store URL or Dashboard Login Screen (https://dashboard.applivery.io/welcome/sso) and try to log in with an authorized user.