Kuidas saame aidata?
< All Topics
Print

Okta SAML ja SCIM

Folderit dokumendihaldussüsteemis saate kasutada Okta SSO lahendust nii SAML kui SCIM konfiguratsioonis. Allpool on ingliskeelsed juhendid kummagi jaoks eraldi.

Okta SCIM seadistamine

Features

Supported SCIM features include:

  • Create Users. Users in Okta that are assigned to the Folderit application in Okta are automatically added as team users to your account in Folderit.
  • Update User Attributes
  • Deactivate Users. Unassigned/deactivated users are also deactivated in Folderit
  • Group Push. Groups in Okta can be synced to Folderit with members (only assigned users).

Requirements

N/A

Configuration Steps

In Folderit

  1. Go to “Manage accounts”, from there look for the account cog wheel, where You’ll find “Identity providers” item.
  2. Activate OKTA integration by clicking on “Link OKTA”.
  3. Enter a name of Your choosing for the integration (for example “OKTA”).
  4. Keep the dialog with base URL and access token open or copy them and keep them for later.

In OKTA

  1. Browse for “Folderit” from “Applications” and add the integration.
  2. From “Sign On”, edit “Settings” and change “Credentials Details” -> “Application username format” to “Email”.
  3. From “Provisioning”, click “Configure API integration” and enable integration.
  4. Enter base URL and access token from Folderit, test for success and save.
  5. Enable “Create Users”, “Update User Attributes” and “Deactivate Users” in “To App”.
  6. Assign users/groups from “Assignments”.
  7. To sync groups to Folderit, it is required to specify those groups under “Push Groups” page.

Okta SAML seadistamine

Features

The OKTA/Folderit SAML integration currently supports the following features:

  • SP-initiated SSO
  • IdP-initiated SSO
  • Single logout

Requirements

Configuration Steps

In OKTA

  1. From “Sign On”, edit “Settings” and enter “Advanced Sign-on Settings” -> “SAML Base URL” from Folderit.
  2. Upload “Signature Certificate”, which can be downloaded from Folderit “Identity provider” page.
  3. Optional: Enable single logout.
    • Upload “Signature Certificate” from Folderit.
  4. Copy “Sign on methods” -> “Metadata details” -> “Metadata URL” field.

In Folderit

  1. Go to “Identity providers” page.
  2. Click on “SAML” toolbar button and enter “IdP Metadata URL” from previously copied “Medatadata URL” field on OKTA page.
  3. Optional: Enable Single Logout (note: this has to be enabled on both sides to function).

Troubleshooting and Tips

N/A

Was this article helpful?
0 out of 5 stars
5 Stars 0%
4 Stars 0%
3 Stars 0%
2 Stars 0%
1 Stars 0%
5
Please Share Your Feedback
How Can We Improve This Article?