■
Table of Contents
Configure Okta with Simpplr Information
Note, you must be the Okta admin user and a Simpplr Application manager to complete these steps.
Create an App in Okta
First we'll need to create the app in Okta. From your Okta instance:
-
In the left hand navigation, click Applications > Applications. Now either select an existing application (if Simpplr has already been added) or create one.
-
To create a new application:
-
In the Applications page, click on Create App Integration.
-
Select SAML 2.0 and click on Next.
-
Enter the App name. This can be your intranet name, or "Simpplr". Call it anything you'd like, as long as you'll remember it. Then click Next.
- Copy your Simpplr home page url and paste it into the Single sign-on URL box in Okta. This will be used as a placeholder. We will change this later on. Input dummy data into the Audience URI field as well. Again, anything will work here for now; this just acts as placeholder information that will change later on.
- Select Email for the Application username field.
-
Scroll down and click on Next.
-
Copy the Sign on URL and Issuer, and download the signing Certificate. Paste these items somewhere you can access later on. You'll need them when connecting the app to Simpplr.
-
Configure SSO in Simpplr
-
In Simpplr, from your user profile image, click Manage > Application > Security > External Idp (SSO)
-
Select Add, then choose Okta.
-
Provide the details required for SSO integration
-
Name: This is the display name for the SSO integration, visible on the page. Choose a clear and descriptive name that distinguishes it from other SSO options
-
Sign in text: This text displays on the login page.You can provide any custom text.
-
Login URL: Enter the Sign on URL received from Okta SSO SAML app.
-
Identity Provider (IdP) entity ID: Enter the Issuer received from Okta SSO SAML app
-
Certificate: Upload the certificate received from Okta
-
Select a login identifier: Select at least one login identifier that users will use to log into Simpplr application. Choose any of the available identifiers supported by Okta
-
Optionally, by switching the toggle, enable SSO Just-in-Time (JIT) provisioning if you want users to be provisioned JIT via Okta. For more information on SCIM provisioning via Okta, click here.
-
Click Add. The integration is complete in Simpplr. You will get the configuration details, which will be used to complete the integration in Okta.
-
Configure Okta with Simpplr Information
Back in your Okta instance, from your Simpplr app oyu created earlier, head to Edit SAML Integration and navigate to Configure SAML.
-
- Enter the Single sign-on URL - Copy the ‘ACS URL’ received from configuration details in Simpplr and paste it in the Sign-on URL field in Okta SAML app.
- Enter the Audience URI (SP Entity ID) - Copy the ‘Service Provider entity ID’ received from configuration details in Simpplr and paste it in the Audience URI (SP Entity ID) field in Okta SAML app.
- Enter the Default RelayState - Copy the ‘Relay state’ received from configuration details in Simpplr and paste it in the Default RelayState field in Okta SAML app.
- Scroll down and add attribute statements. In the Attribute Statements fields, add the following mappings (these are mandatory for the integration to work).
- To map in Simpplr, head to Manage > Application > Security >External (IdP) SSO. Select the three dots next to your SSO vendor (Okta in this case) and choose Field mapping.
-
Once finished mapping, click Next, then Finish. SAML setup is complete.
Simpplr Okta first_name user.firstName last_name user.lastName email user.email Optional fields are below:
Simpplr Okta country user.countryCode phone_number user.primaryPhone mobile_number user.mobilePhone title user.title address1 user.streetAddress city user.city state user.state zip_code user.zipCode employee_number user.employeeNumber division user.division department user.department manager user.manager language user.preferredLanguage timezone user.timezone
Comments
Please sign in to leave a comment.