Configuring SAML in Okta
-
In your Okta account, click on the Admin button
-
Click on Add Applications
-
Click on Create New App
-
Select Web platform and SAML 2.0, then click Create
-
In the General Settings section:
- Use Estateably as name
- Upload a logo for the app
-
In the Configure SAML section:
- Paste the URL you were given by your Account Manager in Single-sign on URL, for example
https://xxxx.app.estateably.com/api/v1/auth/saml/login
wherexxxx
is your company domain. - Paste the URL
https://app.estateably.com
as Audience URI (SP Entity ID) - Select EmailAddress for Name ID Format
- In Attribute Statements define the following attributes:
- Name: firstName Name Format: Basic Value: user:firstName
- Name: lastName Name Format: Basic Value: user:lastName
- Paste the URL you were given by your Account Manager in Single-sign on URL, for example
-
In the Feedback section
- Choose "I’m an Okta customer adding an internal app"
- Tick "this is an internal app that we have created"
- Click Finish
-
Once done, click on View Setup Instructions
-
In the Estateably application, go to Single-Sign-On section and paste the Identity Provider Metadata:
- Identity Provider Single-Sign-On URL
- Identity Provider Issuer
- Identity Provider Certificate
- Add any users and groups to this app in Okta as normal
If you encounter any issues or if you have any questions, please do not hesitate to reach out to our Support Team.
Configuring SCIM in Okta
-
In your Okta account, click on the Admin button
-
Click on Add Applications
-
Search for SCIM
-
Select SCIM 2.0 Test App (Header Auth), then click “Add”
-
In the General Settings section:
- Use Estateably - SCIM as name
- Upload a logo for the app
- In the Provisioning Tab, click on Integration then Enable API Integration:
- Fill the Base URL with
https://xxxx.app.estateably.com/api/scim/v2
wherexxxx
is your company domain. - Fill the API Token with the API Key you generated in the Admin Section in Estateably application (format
Api-Key xxxxx-xxxxxx-xxxxx-xxxxx
) - Click on Test API Credentials (a message should confirm the integration is verified)
- Save your changes
- Fill the Base URL with
- In the Provisioning Tab, click on To App:
- Enable Create Users
- Enable Update User Attributes
- Enable Deactivate Users
- Enable Sync Password
- Save your changes
- Then Assign the Okta application to users and groups
If you want to synchronize Estateably Teams with Okta Groups, you have to configure the Push Groups section:
If you encounter any issues or if you have any questions, please do not hesitate to reach out to our Support Team.
Comments
Please sign in to leave a comment.