Setting up SSO with Okta
As the first step, check your Okta UI: if you are in the Developer Console view, switch to Classic UI.
In the Applications menu, click on Applications then on the Add Application button.
The next window should look like below.
Sign On Method: SAML 2.0
After that, the name and logo are optional. When finished, click on Next. In the meantime, open StoriesOnBoard and go to the configuration dialog of the approved and verified domain.
Now go to the SAML Settings page in Okta and fill in the GENERAL part based on the SP MetaData tab of the StoriesOnBoard Configure Domain dialog.
a. (Okta) Single sign on URL == (StoriesOnBoard) Login URL (ACS)
b. (Okta) Audience URL (SP Entity ID) == (StoriesOnBoard) EntityID
c. (Okta) Default RelayState - this field should stay empty
d. (Okta) Name ID format == (StoriesOnBoard) NameID Format (fixed EmailAddress)
e. (Okta) Application username == "Okta username"
Now fill in the ATTRIBUTE STATEMENTS (OPTIONAL) part like below, then click on the Next button:
On the next page, select I'm an Okta customer adding an internal app, then click on Finish.
You will now be forwarded to the saved Application Setup page. Click on the link and download the Application Provider Metadata.
On the Assignments tab, you can add the users or groups who will be able to log in to StoriesOnBoard.
In StoriesOnBoard, fill in the SSO Settings tab of the Configure Domain dialog and click on Save.
a. Enable SAML 2.0 Single Sign On checkbox: on (keep it on Optional for now)
b. First name attribute = "FirstName"
c. Last name attribute = "LastName"
d. Identity Provider Metadata = the content of the previously downloaded file.
Once the setup is finished, assigned users should be able to log in using SSO. Both IdP-initiated and SP-initiated login work. Users don't need an existing StoriesOnBoard account; one is created automatically during sign-in.
We hope this article covered the topic well. If you have any further questions, please contact our support team via the chat widget in StoriesOnBoard or email@example.com.