Articles in this section

How to setup SSO with OKTA

Avatar
Barbora Hodorová
Updated
Follow

About the article

Templafy is available in Okta as an application that can be added from the Okta portal. Templafy application comes with pre-configured settings; SAML connectors are setup out-of-the-box and all supported User Claims are pre-mapped in the back-end of the application. This article describes how an organization can set up SSO on Okta utilising SAML2 protocol.

This support article is divided into the following main sections: 

Prerequisites

 
  • Administrator rights in Okta portal

Step-by-Step installation

  1. Log in to your Okta organization as a user with administrative privileges and navigate to the Admin section
  2. In the panel locate Applications section
  3. Select the Applications subsection
  4. Click on Browse App Catalog

    mceclip0.png

  5. Use the search function and type Templafy in the search field

    mceclip1.png

  6. Confirm your selection by clicking Add when Templafy appears
  7. Edit the General settings according to your preferences and hit Done to confirm and add the application to your Gallery

    mceclip2.png

Congratulations! You have now completed the basic setup on your side. 

Obtain Metadata URL to complete the setup on Templafy's side

  1. In the Templafy Application, navigate to the Sign On tab
  2. Locate and click on the View Setup Instructions


    mceclip1.pngmceclip4.png

  3. In the new tab that opens, locate Configuration Steps subsection
  4. Copy the Metadata URL from the Step 2

    mceclip8.png

  5. Provide the URL to Templafy Implementation Partner to allow them to finalise the SSO configuration on Templafy's side. 

Configure User Profile Mappings

    1. In Okta Admin portal locate Directory tab
    2. Navigate to Profile Editor 
    3. Search for the Templafy app, then click on the name of the app

      mceclip5.png


    4. Select Add Attribute
    5. Enter the following required fields: 
      • Display Name: Enter a preferred attribute name. 
      • Variable Name: Variable names are pre-defined and case sensitive. 
         
        • Use the following values as Variable Names for the respective attributes: 
          titlemobilePhoneprimaryPhonestreetAddresscitystatezipCode
          preferredLanguage, departmentcountrycustomClaim1customClaim2
          customClaim3 

        mceclip7.png
    6. Complete the action by either clicking Save or Save an Add Another, if you wish to continue adding more attributes
    7. Once you have added all attributes you want to send to Templafy, click on Mappings to map them against attributes from the Okta Base User profile
    8. In the Mappings section select Okta User to Templafy
    9. Start typing the required attribute from the Okta Base User profile (or use the dropdown list) and select the attributes you want to map
    10. In a similar manner continue to do so until all attributes have been mapped
    11. To ensure claims are regularly updated select the option Apply mapping on user create and update
      mceclip1.png
    12. Review the mappings and confirm the setup by clicking Save Mappings

      mceclip3.png

    13. Now that mappings are saved, hit Apply updates now to pass the attributes with their respective values from the Okta Base User Profile to Templafy.
      mceclip9.png

Below screenshot is an example of a complete list of User Profile mappings.

mceclip12.png

Configure Group Claim

If you wish to pass Okta groups as part of the SAML response, please follow these steps: 

  1. In Okta, look up the Templafy App in the Applications directory
  2. Navigate to the Sign On tab of the App, then click Edit
  3. Select your preferred group filter from the dropdown list
  4. Manually type in .* in order to send all Okta groups to Templafy

    mceclip11.png

  5. Click Save   

Templafy Hive

If you are a new customer onboarding on HIVE or an existing customer upgrading to HIVE, please note that Templafy has introduced regional data clusters for hosting the Templafy solution. These will be reflected in the SAML endpoints based on the geographical location.

To complete the configuration and use the ACS URL in Okta based on your region, follow these additional steps:

    1. Navigate to the Sign On tab of the Templafy Application
    2. Click Edit

      mceclip0.png

    3. Scroll down to Advanced Sign-On Settings
    4. Check Upgrade to Templafy HIVE

      mceclip3.png

    5. Enter the one of the following Assertion Consumer Service values

      mceclip4.png

      West Europe (small companies) https://templafyprod0.auth.templafy.com/auth/saml2/auth-services/Acs
      West Europe https://templafyprod1.auth.templafy.com/auth/saml2/auth-services/Acs
      East US

      https://templafyprod2.auth.templafy.com/auth/saml2/auth-services/Acs
      East Australia

      https://templafyprod3.auth.templafy.com/auth/saml2/auth-services/Acs
      Canada

      https://templafyprod4.auth.templafy.com/auth/saml2/auth-services/Acs
    6. Click Save

Related articles

 

Related articles

Comments

0 comments

Please sign in to leave a comment.