How to Configure SSO in Okta ?

Configuring SAML in Okta

  1. In your Okta account, click on the Admin button

  2. Click on Add Applications

  3. Click on Create New App

  4. Select Web platform and SAML 2.0, then click Create

  5. In the General Settings section:

    1. Use Estateably as name
    2. Upload a logo for the app
  6. In the Configure SAML section:

    1. Paste the URL you were given by your Account Manager in Single-sign on URL, for example https://xxxx.app.estateably.com/api/v1/auth/saml/login wherexxxx is your company domain.
    2. Paste the URLhttps://app.estateably.com as Audience URI (SP Entity ID)
    3. Select EmailAddress for Name ID Format
    4. In Attribute Statements define the following attributes:
      • Name: firstName       Name Format: Basic         Value: user:firstName
      • Name: lastName        Name Format: Basic         Value: user:lastNameSAMLConfEN.jpg
  7. In the Feedback section

    1. Choose "I’m an Okta customer adding an internal app"
    2. Tick "this is an internal app that we have created"
    3. Click Finish
  8. Once done, click on View Setup Instructions

  9. In the Estateably application, go to Single-Sign-On section and paste the Identity Provider Metadata:

    • Identity Provider Single-Sign-On URL
    • Identity Provider Issuer
    • Identity Provider Certificate
  10. Add any users and groups to this app in Okta as normal

 

If you encounter any issues or if you have any questions, please do not hesitate to reach out to our Support Team.

 

Configuring SCIM in Okta

  1. In your Okta account, click on the Admin button

  2. Click on Add Applications

  3. Search for SCIM

  4. Select SCIM 2.0 Test App (Header Auth), then click “Add

  5. In the General Settings section:

    • Use Estateably - SCIM as name
    • Upload a logo for the app
  6. In the Provisioning Tab, click on Integration then Enable API Integration:
    1. Fill the Base URL with https://xxxx.app.estateably.com/api/scim/v2 where xxxx is your company domain.
    2. Fill the API Token with the API Key you generated in the Admin Section in Estateably application  (format Api-Key xxxxx-xxxxxx-xxxxx-xxxxx)
    3. Click on Test API Credentials (a message should confirm the integration is verified)SCIMOktaEN.jpg
    4. Save your changes
  7. In the Provisioning Tab, click on To App:
    • Enable Create Users
    • Enable Update User Attributes
    • Enable Deactivate Users
    • Enable Sync PasswordSCIMToAppEN.jpg
  8. Save your changes
  9. Then Assign the Okta application to users and groups

If you want to synchronize Estateably Teams with Okta Groups, you have to configure the Push Groups section:

  SCIMPushGroups.jpg

 

If you encounter any issues or if you have any questions, please do not hesitate to reach out to our Support Team

Was this article helpful?
2 out of 2 found this helpful

Comments

0 comments

Please sign in to leave a comment.

Articles in this section