Here's a quick tutorial on how to set up Single-Sign-On for Okta:
- Login to your Okta Portal
- Go to the Applications tab, and click on Create App Integration
- Select SAML 2.0 and press Next to proceed.
- Specify the App name and press Next to proceed. (You may specify any name)
- To get the Single sign-on URL, you will need to refer to the SSO configuration page on Controlio https://app.controlio.net/account-settings/sso under Controlio callback url. You can use the copy button to copy it.
- And paste the copied URL in the Single sign-on URL field.
- For the Audience URI (SP Entity ID), you can come up with any name and input it there.
- This same Audience URI (SP Entity ID), needs to be input on the SSO configuration page on Controlio under Service provider entity ID.
- From the Application username dropdown list, select Email.
- Add the following attributes to Attribute Statements (optional)
- firstName - user.firstName
- lastName - user.lastName
- email - user.email - Click Next to proceed.
- Select This is an internal app that we have created, and press Finish to proceed.
- From the Sign On tab, locate the Sign on URL and copy it.
- Paste this URL in the SSO configuration page of the Controlio Dashboard under ID-provider authentication URL
- Download the SHA-2 certificate from SAML Signing certificates.
- Copy the contents of the downloaded certificate, and paste it into the X.509 certificate textbox in the SSO configuration page of the Controlio Dashboard.
- Assign the app you created to the users from Assignments to start using the SSO feature.