- 08 May 2023
- 2 Minutes to read
- Contributors
- DarkLight
- PDF
Single Sign-On with OKTA
- Updated on 08 May 2023
- 2 Minutes to read
- Contributors
- DarkLight
- PDF
This article explains configuring Single Sign-On (SSO) in Record Migrator with Okta as your SAML 2.0 Identity Provider.
To allow users to log in via SAML SSO, Record Migrator must be able to trust and rely on Okta to authenticate users wanting to log in. To establish this trust relationship, you must configure Okta and Record Migrator so both parties can exchange authentication information.
When SSO is enabled, users and groups logging into Record Migrator are redirected to the Okta login page. After successful authentication, they are redirected to the Record Migrator dashboard.
Who can use this feature
- Only Organization Admins can set up SAML SSO.
- You will need an existing Okta account to set up SAML SSO with Okta.
Step 1: Adding Record Migrator as an App in OKTA
To add the Record Migrator application to Okta:
Sign in to Okta. You must have the Applications
Admin
permission.If you don’t have an Okta organization, you can create a free Okta Developer Edition organization here: https://developer.okta.com/signup/
Navigate to the
Admin
dashboard.From the main menu, go to
Applications > Applications
.
Click on
Create App Integration
.
In the next auto-populated dialog box, select the second option, i.e.,
SAML 2.0
, and click onNext
.
In the
General Settings
, enterRecord Migrator
in the App name field, upload theRecord Migrator logo
and click on theNext
button.In the
Configure SAML
tab, do the following:Single sign on URL
: Enter the URL in the below format:<instanceurl>/api/v1/saml/SSO
For example: If your instance URL ishttps://rbm.autorabit.com,
your SSO URL would behttps://rbm.autorabit.com/api/v1/saml/SSO
Audience URI (SP Entity ID)
: Enter the URL* asautorabit.com
.
On the same screen, in the
Attribute Statements
panel, add the following attributes (mandatory) and map to corresponding OKTA properties:
Name | Name format | Value |
---|---|---|
Email | Unspecified | user.email |
Click
Next
to continue.Under the
Feedback
section, select the option:I'm an Okta customer adding an internal app
and click the checkbox next to the text"This is an internal application that we created"
, and click on theFinish
button.
Navigate your mouse to the
Assignment
tab, and clickAssign > Assign to People
.
Next, select the listed
users
and click onAssign
.
After you assign the user, click
Save and Go Back
and then selectDone
.
Go to the Sign On tab and click on Identity Provider Metadata.
This will open up a new tab with some data. You must save this data in XML format on your own system. When you press
CTRL + S
, the data is downloaded in XML format.
Step 3: Configuring SAML Connection in Record Migrator
Now that your OKTA SSO implementation is set up, you’ll need to follow just a few more steps to configure SSO in your Record Migrator account.
Login to your Record Migrator account.
Click on the
Settings
icon in the top-right corner of the page.
Go to
User Management > SSO > OKTA
.Browse for the Metadata XML file you downloaded in your local machine and upload them.
Step 3: Testing the Single Sign-On Configuration
Log out of the Record Migrator app, and then log back in using the
Single Sign On
option.
Enter your organization name in the text field available.
Click Continue.
You should successfully redirect to the Record Migrator app after authentication.