Single Sign-On with OKTA

This article explains configuring Single Sign-On (SSO) in Record Migrator with Okta as your SAML 2.0 Identity Provider.

To allow users to log in via SAML SSO, Record Migrator must be able to trust and rely on Okta to authenticate users wanting to log in. To establish this trust relationship, you must configure Okta and Record Migrator so both parties can exchange authentication information.

When SSO is enabled, users and groups logging into Record Migrator are redirected to the Okta login page. After successful authentication, they are redirected to the Record Migrator dashboard.

Who can use this feature

1. Only Organization Admins can set up SAML SSO.
2. You will need an existing Okta account to set up SAML SSO with Okta.

Step 1: Adding Record Migrator as an App in OKTA

To add the Record Migrator application to Okta:

1. Sign in to Okta. You must have the Applications Admin permission.

2. If you don’t have an Okta organization, you can create a free Okta Developer Edition organization here: https://developer.okta.com/signup/

3. Navigate to the Admin dashboard.

4. From the main menu, go to Applications > Applications.
   

5. Click on Create App Integration.
   

6. In the next auto-populated dialog box, select the second option, i.e., SAML 2.0, and click on Next.
   

7. In the General Settings, enter Record Migrator in the App name field, upload the Record Migrator logo and click on the Next button.

8. In the Configure SAML tab, do the following:

   1. Single sign on URL: Enter the URL in the below format: <instanceurl>/api/v1/saml/SSO
      
      For example: If your instance URL is https://rbm.autorabit.com, your SSO URL would be https://rbm.autorabit.com/api/v1/saml/SSO
      

   2. Audience URI (SP Entity ID): Enter the URL* as autorabit.com.

9. On the same screen, in the Attribute Statements panel, add the following attributes (mandatory) and map to corresponding OKTA properties:

10. Click Next to continue.

11. Under the Feedback section, select the option: I'm an Okta customer adding an internal app and click the checkbox next to the text "This is an internal application that we created", and click on the Finish button.
    

12. Navigate your mouse to the Assignment tab, and click Assign > Assign to People.
    

13. Next, select the listed users and click on Assign.
    

14. After you assign the user, click Save and Go Back and then select Done.
    
    
    

15. Go to the Sign On tab and click on Identity Provider Metadata.

16. This will open up a new tab with some data. You must save this data in XML format on your own system. When you press CTRL + S, the data is downloaded in XML format.

Step 3: Configuring SAML Connection in Record Migrator

Now that your OKTA SSO implementation is set up, you’ll need to follow just a few more steps to configure SSO in your Record Migrator account.

1. Login to your Record Migrator account.

2. Click on the Settings icon in the top-right corner of the page.
   

3. Go to User Management > SSO > OKTA.

4. Browse for the Metadata XML file you downloaded in your local machine and upload them.
   

Step 3: Testing the Single Sign-On Configuration

1. Log out of the Record Migrator app, and then log back in using the Single Sign On option.
   

2. Enter your organization name in the text field available.
   

3. Click Continue.

4. You should successfully redirect to the Record Migrator app after authentication.