Configuring Single Sign-On with Okta

Prerequisites

  • An Okta User account with permissions to create and configure Okta Integration Network (OIN) Apps, e.g. ‘Application Administrator’

Supported Features

  • SGNL with Okta supports SP-Initiated Single Sign-On, you can initiate SSO by visiting your SGNL tenant’s sign-in page (e.g. https://{clientname}.sgnl.cloud/)
  • SGNL supports Just-in-Time provisioning during SSO from Okta, wherein a new user will be granted Global Reader permissions inside of SGNL – if specific permissions are required, ensure that you update permissions following first sign-in, or provision the user manually when they are assigned to the SGNL App in Okta.

Configuring Okta

  1. From the Okta Admin dashboard, select ‘Applications’ from the left navigation menu
  2. Choose to ‘Browse App Catalog’
  3. Search for ‘sgnl’, and ‘Add Integration’
  4. (Optional) Specify a friendly display name for your users and click ‘Done’
  5. Select the ‘Sign On’ tab and copy the Client ID and Client secret somewhere safe, you’ll need these in a moment for configuring SGNL Sign On
  6. Choose ‘Edit’ from the ‘Sign On’ tab and further down this screen is the ‘Advanced Sign-on Settings’, within this section, specify your SGNL Client Name Advanced Settings
  7. Select ‘Save’
  8. From the ‘Assignments’ tab, specify the people and groups you want to have access to sgnl Advanced Settings

Configuring SGNL for SSO

  1. Login to the SGNL Console
  2. From the left navigation menu, select ‘Admin’
  3. Select ‘Security’
  4. Check the box to Enable OIDC SSO
  5. Insert the URL you use to sign-in to Okta as the Issuer
  6. Specify the Client ID and Client secret you copied from Okta
  7. (Optionally) Test the Connection to Okta, prior to saving the configuration with the ‘Test Connection’ button Configure SGNL
  8. Once complete, click ‘Save’
  9. SSO configuration is now complete and you can now sign-in to SGNL using Okta