1. AWS Simpplr
  2. Integrations and APIs
  3. SSO Integrations

Okta SSO (SAML) Configuration

Avatar
Matthew Rawls
Follow

Table of Contents

Create an App in Okta

Configure SSO in Simpplr

Configure Okta with Simpplr Information

Event Hooks

Note, you must be the Okta admin user and a Simpplr Application manager to complete these steps.

Create an App in Okta

First we'll need to create the app in Okta. From your Okta instance: 

  1. In the left hand navigation, click Applications > Applications. Now either select an existing application (if Simpplr has already been added) or create one.

  2. To create a new application:

    1. In the Applications page, click on Create App Integration.
      aws_okta_2.png

       

    2. Select SAML 2.0 and click on Next.
      Okta SAML 1.png

    3. Enter the App name. This can be your intranet name, or "Simpplr". Call it anything you'd like, as long as you'll remember it. Then click Next.
      aws_okta_3.png

       
    4. Copy your Simpplr home page url and paste it into the Single sign-on URL box in Okta. Copy and paste your updated url somewhere you have easy access to later on. We will need it in the setup of the application.


      Okta SAML 2.png

       

    5. Scroll down and click on Next.

    6. Copy the Sign on URL and Issuer, and download the signing Certificate. Paste these items somewhere you can access later on. You'll need them when connecting the app to Simpplr.Okta SAML 3.png

Configure SSO in Simpplr

  1. In Simpplr, from your user profile image, click Manage > Application > Security > External Idp (SSO)

  2. Select Add, then choose Okta.
    Okta SAML 4.png

  3. Provide the details required for SSO integration

    1. Name: This is the display name for the SSO integration, visible on the page. Choose a clear and descriptive name that distinguishes it from other SSO options

    2. Sign in text: This text displays on the login page.You can provide any custom text.

    3. Login URL: Enter the Sign on URL received from Okta SSO SAML app.

    4. Identity Provider (IdP) entity ID: Enter the Issuer received from Okta SSO SAML app

    5. Certificate: Upload the certificate received from Okta

    6. Select a login identifier: Select at least one login identifier that users will use to log into Simpplr application. Choose any of the available identifiers supported by Okta

    7. Enable SSO provisioning if you want users to be provisioned via Okta. This is an optional step.
      Okta SAML 5.png
      Okta SAML 6.png

    8. Click Add. The integration is complete in Simpplr. You will get the configuration details, which will be used to complete the integration in Okta.
      Okta SAML 7.png

Configure Okta with Simpplr Information

Back in your Okta instance, from your Simpplr app oyu created earlier, head to Edit SAML Integration and navigate to Configure SAML.

    1. Enter the Single sign-on URL - Copy the ‘ACS URL’ received from configuration details in Simpplr and paste it in the Sign-on URL field in Okta SAML app.
    2. Enter the Audience URI (SP Entity ID) - Copy the ‘Service Provider entity ID’ received from configuration details in Simpplr and paste it in the Audience URI (SP Entity ID) field in Okta SAML app.
    3. Enter the Default RelayState - Copy the ‘Relay state’ received from configuration details in Simpplr and paste it in the Default RelayState field in Okta SAML app.
      Okta SAML 8.png
    4. Scroll down and add attribute statements. In the Attribute Statements fields, add the following mappings (these are mandatory for the integration to work). Once finished mapping, click Next, then Finish. SAML setup is complete:
      Simpplr Okta
      first_name FirstName
      last_name LastName
      email PrimaryWorkEmail
      employee_number EmployeeID

      Optional fields are below:

      Simpplr Okta
      country user.countryCode
      phone_number user.primaryPhone
      mobile_number user.mobilePhone
      title user.title
      address1 user.streetAddress
      city user.city
      state user.state
      zip_code user.zipCode
      employee_number user.employeeNumber
      division user.division
      department user.department
      manager user.manager
      language user.preferredLanguage
      timezone user.timezone

Event Hooks

Event hooks allow you to send real-time notifications to your intranet whenever specific events occur in your Okta environment.

Creating an event hook in Okta for the user status sync

  1. Log in into Okta as an Administrator.
  2. Head to Workflow > Event Hooks
  3. Click on Create Event Hook
  4. Enter a name for the event hook
  5. Enter the url: https://<api-server-domain>/v1/identity/accounts/saml/events
  6. Enter the Authentication field and Authentication secret (the same will be used in your Simpplr App) - these values will be sent as a header in the request to the callback url, with field as header name and secret as the header value.
    Okta event hooks 1.png

Configure Okta event hooks in Simpplr

Back in your intranet, from the SSO setup menu where you configured Okta, enable the event hooks you'd like.
Okta event hooks 2.png

 

 

  1.  
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.

Articles in this section