Introduction
In this article, you'll learn how to set up Single Sign-On (SSO) authentication with Okta. The SSO can be implemented for both the Members and the Admin Portals.
Contents
Members Portal SSO With Okta
- Open https://developer.okta.com
- Go to Applications/Create App Integration.
- Choose OIDC - OpenID Connect. Please note that we do not support other protocols.
- Select Web Application.
- Click Next.
- Give your Okta app a meaningful name.
- Open OfficeRnD Flex and navigate to Settings/Integrations.
- Expand Authentication and activate Members SSO Authentication.
- Click Configure.
- Back In Okta, enter the following in the Base URL field:
https://app.officernd.com
- Copy the Return URL from OfficeRnD and paste it into Sign-In redirect URLs.
* Sign-Out redirect URIs is optional. In case you have to fill that in, please use the same URL and replace /return with /log-out.
- In Okta, select a Controlled access option from the last tab called Assignment.
- Save the Application.
- Copy the Client ID and Secret from Okta and paste them into the respective fields in OfficeRnD.
- Finally, enter the Discovery URL in OfficeRnD using your Okta Domain. The URL should follow this syntax: {{okta domain value}}/oauth2/default/.well-known/openid-configuration.
Example below:https://dev-8934962.okta.com/oauth2/default/.well-known/openid-configuration
If you receive a Failed to resolve discoveryUrl message, use the following syntax:https://dev-8934962.okta.com/.well-known/openid-configuration
More info on Okta's Discovery URL formatting can be found here. - (Optional) Enable Account Activation in OfficeRnD. With this setting enabled, employees who already exist in OfficeRnD Flex will be allowed to log into the Portal without invitations. If this setting is disabled, employees without prior access to the Portal must have it enabled by an administrator.
-
Turn Off Password Login - This setting enforces SSO login and prevents members from logging in with email and password. If it's left unchecked, members will have the option to use SSO or a normal email/password login.
Enabling Turn Off Password Login of the SSO for Member Tools disables:
- The standard login with OfficeRnD user and password
- The Public Calendar Page and Sign-up Page
- Reset password links
- Token for auth in the invite to portal email (Welcome email) - Once everything is entered in the correct fields, click on the Update button.
Admin Portal SSO With Okta
After you have configured the Web Portal SSO, you can add Admin Portal SSO as well.
- Activate the Admins SSO Integration in OfficeRnD.
- Click Configure.
- Copy the Return URL.
- Open your application in Okta.
- Open the General tab.
- Under the LOGIN section and Sign-in Redirect URIs, click Add URL.
- Paste the copied Return URL.
- Save your changes in both platforms.
Comments
Please sign in to leave a comment.