How to set up a SAML Single-on with Okta

okta-2

So far we have covered the general steps needed to set up a SAML integration between Kanbanize and an Identity Provider (IdP). We also have a step-by-step tutorial for users of Azure AD and a guide for clients of OneLogin. The next paragraphs will demonstrate how you can set up an integration between Kanbanize and Okta:

1.Switch your Okta dashboard to ‘admin mode’ by clicking the button in the upper right corner:

Step 1

2. Then select ‘Applications’ and click ‘Add Application’:

Step 2

3. On the new page press ‘Create New App’:

Step 3

4. Select ‘SAML 2.0’ and confirm:

Step 4

5. A new screen will appear. Give the new app a name and press ‘Next’:

Step 5

6. Now you are taken to the SAML configuration screen. Here is how you fill the first (‘General’) section:

Single sign-on URL: https://{subdomain}.kanbanize.com/saml/acs
Audience URI (SP Entity ID): https://{subdomain}.kanbanize.com/
(beware the / at the end)
Default RelayState: /ctrl_login/saml_login

Everywhere replace {subdomain} with your Kanbanize account’ subdomain. E.g. if you access Kanbanize at https://acme.kanbanize.com your subdomain is acme.

In the end, it should look something like this:

Step 6

7. In the ‘Attribute Statements’ section add an attribute named ‘EmailAddress’ and choose ‘user.email’ from the ‘Value’ dropdown:

Step 7

(Optional: add two more fields that hold the user’s first and last names)

8. With this the setup of the app is complete. Click ‘Next’ and ‘Finish’ and you will be taken to a page with details about your new app:

Step 8

9. Click ‘View Setup Instructions’ to open a page with the info you will need when configuring Kanbanize:

Step 9

10. With this, our work at Okta is done. Now head over to your Kanbanize account, open the administration panel and select the integrations tab:

Step 10

11. Tick the ‘Enable SAML 2.0 Single Sign-On’ checkbox and fill the fields below with the info from Okta like this:

Identity Provider Issuer goes to IdP Entity Id

Identity Provider Single Sign-On URL goes to IdP Login Endpoint

X.509 Certificate goes to IdP X.509 Certificate

12. Attribute name for Email is the name of the parameter that contains the user’s email. In our example this is EmailAddress

(If you added parameters for user’s first and last names, fill their names in the other two fields)

13. In the end, it should look something like this:

Step 13

14. Click ‘Save Settings’ and you are almost done!

15. The only thing left is to give users of your IdP access to Kanbanize. Go back to the app’s page in Okta and select the ‘People’ tab:

Step 15

16. Use the green ‘Assign to People’ button to add the people you wish to give access to Kanbanize.

17. That’s it! Your users should now be able to login to Kanbanize through your Okta account!

Be sure to try the integration and don’t hesitate to contact our support if you have any trouble.

 

Leave a Reply

Your email address will not be published. Required fields are marked *