Single Sign-On with Okta
HelpDesk users can use Single Sign-On (SSO) for accessing their account. Admin of the accounts can choose a SAML 2.0 identity provider (IdP) to enable technicians to login to HelpDesk without having to remember another password.
To setup Single Sign-On (SSO) with Okta, the admin needs to:
- Create an app on Okta console
- Assign technicians to the app
- Configure HelpDesk account for Single Sign-On (SSO)
Create an app on Okta Console
Create an app on Okta console and use it as an identity provider for SSO.
To create the app,
- Log in to the Okta console using your Okta account credentials.
Click 'Admin' on the top-right corner to navigate to the admin console.
- This step is for developer accounts only. Skip this step in case you are using a regular production account.
- In case it reads 'Developer Console' in the top-left corner, click the drop-down and select 'Classic UI' to switch to the Classic.
Navigate to the 'Applications' tab and click 'Add Application'.
Click 'Create New App'.
Select 'SAML 2.0' and click 'Create'.
Enter 'App name' and click 'Next'.
Add the 'SSO URL' and 'Audience URL' then click 'Next'.
Select 'I'm an Okta customer adding an internal app'. Select 'This is an internal app that we have created' checkbox.
- Click 'Finish'.
Go to 'Sign On' tab and click 'View Setup Instructions'. You will be directed to a web page where you will find SAML 2.0 Single Sign-On Login URL, Issuer URL and the X.509 Certificate. Copy these and paste them in your HelpDesk account via the web interface.
Assign technicians to the app
To enable SSO for technicians, admin needs to assign users to the new app on Okta console.
To assign technicians,
Launch the new app on Okta console.
- Click 'Assign'.
Select 'Assign to people' and assign users for SSO.
Configure HelpDesk account for Single Sign-On (SSO)
Admin needs to provide the received SAML 2.0 URLs and Certificate in the Single Sign-On application from the HelpDesk web interface.
To configure SSO,
- Log in to the HelpDesk application via any web browser.
- Click the username on the top-right corner and click 'My Account'.
- Click 'Single Sign-On'.
- Enter a name for your SSO profile.
Enter the 'Issuer URL', 'SAML 2.0 Single Sign-On Login URL' and add the 'X.509 Certificate' received from your newly created app on Okta console.
- Click 'Configure Single Sign-On'.
You will receive a confirmation email once SSO is enabled for your account.