Using Single Sign On with Okta
In this blog post, we will walk you through how to use Single Sign On with Okta. Single Sign On is mechanism where a single action of login provides access to multiple services including GpsGate server. As one of the main benefits it reduces the number of passwords you need to remember and it also decrease the time spent on login to various services.
We will install SAML plugin to configure Single Sign On on GpsGate server.
The plugin name refers to Security Assertion Markup Language (SAML) standard, it defines a framework for exchanging security information between online business partners.
1. Log in to SiteAdmin and navigate to Plugins tab
2. In the repository update.gpsgate.com, Install Saml plugin
1. Click on the Saml menu in Applications tab in SiteAdmin.
2) Click on Add button and select an application for single sign-on from the drop down list.
At this point you need to chose an Identity Provider that provides an endpoint for SSO and supports SAML 2.0 protocol. In this example we will show you how to use Okta as identity provider.
Do not click the Create button yet because will get back to this step later.
3) Go to Okta‘s homepage, register an account and log in to the admin user interface.
4) Click on Add Application button on Applications tab.
On the next page click Create New App on the left side.
5) Select SAML 2.0 as sign on method and click Create.
6) In general settings, fill the App name that corresponds with the GpsGate application name and click Next
7) Copy-paste the Single Sing on URL and Audience URI from step 2) and click Next
8) Select the options as shown below and click Finish.
9) Click Assign people on People tab
In the next view you can find the person that you want to assign to the app.
When selected a person, fill the GpsGate username you want to associate with the Okta user.
10) Right click and copy the link of the Identity Provider metadata url on the Sign on tab (from the section highlighted with yellow color).
Now you can continue step 2:
Paste the Metadata url and click Create button. GpsGate will download the metadata in the background and pair your GpsGate application with the Okta App.
11) Congratulations, you successfully configured the SSO.
When you visit the Single Sign On Url associated with your application, you will be automatically logged in to GpsGate when you are already logged in to Okta.
Note: it is possible to sign in to Okta using Active Directory to make the login more convenient.
Discuss this blog post on the forum please