Setting up Okta SSO in Ultimate's Dashboard is quick and easy. If you are an admin in both Okta and Ultimate, the whole process can be done in less than five minutes.
This article walks you through all the steps needed to start signing in securely with Okta. Here are the steps:
Step 1: Select SSO provider in Dashboard
- Go to User Management > Organization Management in the Ultimate Dashboard
- Click Advanced, you'll see the fields below:
- SSO Provider dropdown - select Okta
- Callback URL - needed in your Okta account for app integration configuration in Step 4.3.a
- Entity ID - needed in your Okta account for app integration configuration in Step 4.3.b
- SSO URL - needs to be obtained from Okta in Step 5
- Certificate - needs to be obtained from Okta in Step 5
Step 2: Log in to Okta as admin
In a separate tab in your browser, log in to Okta. Your URL should look similar to this: https://YOURSUBDOMAIN.okta.com/admin/getting-started
Step 3: Create app integration in Okta
Here you first need to create an app integration for Ultimate, then configure the settings of that app integration.
Create an app integration
-
Go to Applications from the left side navigation
-
Click Create App Integration and a window will pop up
- In the pop-up window, select SAML 2.0
- Click Next
Step 4: Configure the app integration in Okta
- In General Settings
- App name: Ultimate
- App logo: skip
- App visibility: as you prefer
- Click Next
- In Configure SAML
a. Single Sign on URL - Copy Callback URL from the dashboard (see Step 1)
b. Audience URI (SP Entity ID) - Copy Entity ID from the dashboard (see Step 1)
c. Name ID format - Select EmailAddress
d. Application username - Select Email - Other fields can remain unchanged
- Click Next
Step 5: Assign Users / Groups to the new Application in Okta
Now the the app has been created, users or groups that require access to Ultimate's Dashboard need to be added to this application.
To do this:
- Open the application you just created in the last step.
- Go to the Assignments tab, then click Assign and select Assign to People or Assign to Group based on your preference
- Go to the Sign On tab and click View Setup Instructions. You will see Identity Provider Single Sign-On URL and X.509 Certificate needed for the next step.
Step 6: Fetch information from Okta to Ultimate
You are almost there. What's left to do now is simply copy and paste information from Okta to the Ultimate Dashboard, to connect the two platforms.
In your browser, go back to the tab where the Ultimate Dashboard is:
- Go to User Management > Organization Management
- Click Advanced, you'll see the fields below:
- SSO URL - Copy and paste the Identity Provider Single Sign-On URL here (found in Step 5)
- Certificate - Copy and paste the X.509 Certificate here (found in Step 5)
- Click Test SSO Authentication
- This would redirect you to your Okta account then back to the Dashboard
- Verified should appear next to SSO Authentication in the Ultimate Dashboard
- If you don't see the Verified label, check the steps before this and try again. This step is mandatory before SSO can be enabled
Step 7: Enable SSO
- Toggle on Enable SSO
- To test it, go to https://dashboard.Ultimate/signin
- Insert your email
- You should be logged in to the Ultimate Dashboard automatically
- You might be redirect to Okta to authenticate if you're not logged in there already