The Okta Single Sign-On Integration allows a secure authentication method that leverages managed Okta account credentials. When enabling this integration, it enforces and requires all user logins to the Addigy console from an Okta app interface.


Please note: If you are editing your existing configuration, you must disable the integration to be able to edit.

TABLE OF CONTENTS

 

Prerequisites

  1. Okta is required.
  2. Okta Admin access is required to configure the integration.
  3. The Create and EditIntegration privileges are required in Addigy to configure the Okta Single Sign-on integration.
  4. Please ensure that you are using the same email address that's associated with your Addigy account.
  5. Make sure you are on the Okta Developer console, using the Classic UI. Choose the "Classic UI" from the menu highlighted here:


Setting up the Integration

The first step is to set up an Application within Okta. Start by clicking on the Applications tab in the navigation bar.



On the Applications page, click Add Application.



Then click Create New App.



On the Application creation modal, you'll want to configure the App with the following settings,
1. Platform set to Web

2. Sign on method set to SAML 2.0

Then press the Create button.




Now we begin the three step process of configuring our SAML Applications, Lets begin by adding in an App Name and an App logo, then click Next.


Note: Feel free to use this Addigy logo for your Application Integration, here is a link to the logo ( The logo image is also attached to the bottom of this article): 


https://addigy.com/wp-content/uploads/2020/11/201125_Addigy_Iso_Transparent_420x240.png


General Settings



The next step requires you to Navigate to Support -> Integrations. Click on Okta SSO integration. 


Copy the Addigy Entity ID to the Okta "Audience URI (SP Entity ID)" field. 


Copy the Addigy Assertion Consumer Service to the Okta "Single sign-on URL"


Set the Name ID Format and Application Username to E-mail.


Configure SAML


Require SAML Integration Settings



After that's done, scroll down and apply the following Attribute mappings for First Name, Last Name, and Email.


Values should be formatted in the following fashion:

user.firstName

user.lastName

user.email


These values are case sensitive.





(Optional) Auto Assignment of Addigy User Roles


If you are looking to automatically assign roles upon creation, you can make a Role attribute and tie it to a user attribute in Okta that holds a Addigy Role ID.



Omitting a role attribute or specified role id in Okta will default the user role to "user" role in Addigy.


The Attribute mappings with a role attribute should look similar to this:

Lastly, download the Okta Certificate and upload it to the Okta SSO Integrations pane under Upload Certificate in Addigy.


Finding User Role ID in Addigy

You can find the role ID of any role by navigating to account > users then scrolling down the roles table. 


Clicking on the role ID will open a window with role details. Clicking on the Copy will copy the roleID to your clipboard.
 


Feedback


Addigy Setup


You'll be redirected to your Apps Sign On Settings page, where you'll want to click View Setup Instructions.




The final step is to copy over the Identity Provider Single Sign-on URL back to the Addigy Okta SSO URL and the Okta Identity Provider Issuer value back to the Addigy Entity ID URL in the integration panel.





Now it's time to enable the integration on the Addigy Console using the toggle on the top right. After that, you have to assign the application to a user and they will now see it in their Okta Apps Console. Hooray! 




If you have an Addigy account and have additional questions, you can create a ticket by emailing support@addigy.com.

Alternatively, you can submit a support request within Addigy.