Documentation

Single Sign-On: Setting up SSO using Okta and SAML

Summary

Step-by-step instructions for implementing SSO via Okta, including creating/configuring an Alooma application in Okta, sending the necessary information to Alooma, and adding users/groups to the application.

Implementing SSO via Okta is a four-step process:

  1. Create a new SAML application in Okta.

  2. Create a SAML integration in Okta.

  3. Send configuration information to Alooma (support@alooma.com).

  4. Add users to the application.

Step 1: Create a new SAML application in Okta

Log in to your Okta organization as a user with administrative privileges.

  1. Click Admin.

  2. Click Add Applications.

  3. Click Create New App.

  4. Specify "Web" as the Platform, and select the "SAML 2.0" option.

  5. Click Create.

Step 2: Create a SAML integration in Okta

After you click Create on the Create a New Application Integration screen:

  1. Enter a name (e.g. Alooma).

  2. Add a logo (optional) and set application visibility.

  3. Click Next.

  4. In the GENERAL section, enter the single sign on URL. The format is: https://app.alooma.com/rest/login/saml/<idp_name>. Alooma uses <idp_name> to uniquely identify the customer, so enter something that will make sense to Alooma support. Use letters, digits, and underscores only. Make a note of the value you enter, because you will send it to Alooma in Step 3.

  5. Set the Audience URI to https://app.alooma.com

  6. Set the Name ID format to EmailAddress

  7. Set the Application username to Email

  8. In the ATTRIBUTE STATEMENTS (OPTIONAL) section, configure the following attribute statement:

    • Name = email

    • Name format = unspecified

    • Value = user.email

  9. Click Next.

  10. Complete the feedback form as you see fit and then click Finish.
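
To confirm that the assertions Okta issues match the Step 2 settings, the following added example (not taken from the Alooma or Okta documentation) checks a decoded assertion, captured from a test sign-in, for the Audience URI, Name ID format, single sign on URL and `email` attribute. The `acme_corp` value for <idp_name> and the sample assertion are constructed, and the check assumes Okta sends the single sign on URL as the assertion's Recipient.

```python
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
AUDIENCE = "https://app.alooma.com"
NAMEID_EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
ATTR_UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"

# Constructed sample assertion (unsigned); "acme_corp" is a hypothetical <idp_name>.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">jane@example.com</saml:NameID>
    <saml:SubjectConfirmation><saml:SubjectConfirmationData Recipient="https://app.alooma.com/rest/login/saml/acme_corp"/></saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
    <saml:Audience>https://app.alooma.com</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
      <saml:AttributeValue>jane@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def sso_url(idp_name):
    """Build the single sign on URL; idp_name may hold letters, digits, underscores only."""
    if not re.fullmatch(r"[A-Za-z0-9_]+", idp_name):
        raise ValueError("idp_name must contain only letters, digits and underscores")
    return "https://app.alooma.com/rest/login/saml/" + idp_name

def check_assertion(xml_text, idp_name):
    """Return the mismatches between an assertion and the Step 2 settings.
    Assumes Recipient equals the single sign on URL; does not verify the XML signature."""
    root = ET.fromstring(xml_text)
    problems = []
    name_id = root.find(".//saml:NameID", NS)
    if name_id is None or name_id.get("Format") != NAMEID_EMAIL:
        problems.append("NameID format is not EmailAddress")
    conf = root.find(".//saml:SubjectConfirmationData", NS)
    if conf is None or conf.get("Recipient") != sso_url(idp_name):
        problems.append("Recipient does not match the single sign on URL")
    audiences = [a.text for a in root.findall(".//saml:Audience", NS)]
    if audiences != [AUDIENCE]:
        problems.append("Audience URI mismatch")
    attr = root.find(".//saml:Attribute[@Name='email']", NS)
    if attr is None or attr.get("NameFormat") != ATTR_UNSPECIFIED:
        problems.append("email attribute missing or wrong name format")
    return problems
```

An empty list from `check_assertion(SAMPLE, "acme_corp")` means the assertion agrees with the settings above.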

Step 3: Send configuration information to Alooma

On the application Sign On tab (which should open after you click Finish above):

  1. Click View Setup Instructions (a new tab will open).

  2. Send Alooma (support@alooma.com) the following 4 pieces of information:

    1. Identity Provider Single Sign-On URL

    2. Identity Provider Issuer

    3. X.509 Certificate

    4. The <idp_name> you specified in Step 2: Create a SAML integration in Okta

Step 4: Assign the application to users (or groups)

  1. On the Applications page, locate and select the Alooma application you created.

  2. Click Action.

  3. Choose Assign to Users or Assign to Groups.
