Configuring Single Sign On with Okta

Highfive Admin users on our Standard or Professional plan can use the below information to set up Single Sign On (SSO) with Okta. For general information about SSO, please refer to this main article

To configure SSO with Okta, you'll need to be logged into your Domain Dashboard in Highfive, as well as your Okta dashboard. 

 

Step 1: Create a new application in Okta

Click on applications, and then click on Add Application. 

 

 

Step 2: Choose the option to Create New App

 

 

Step 3: Name your app, and add a logo if you choose, and click next

 

 

Here's are images of our logo if you'd like to add one. Full size downloadable versions available at the bottom of this page:

 

Highfive_Logo.png

 

highfive_color_logo.png

 

Step 4: Configure your SAML settings

Here are the fields you'll need to fill out: 

Single sign on URL: This is your Highfive SSO URL, which you get from your domain dashboard in the authentication section.

Audience URI (SP Entity ID) - This field will need a value, but it is arbitrary so you can call it whatever you'd like. 

 

 

Next you'll need to create your three custom attributes. Set them as shown below: 

 

 

Lastly, click Next at the bottom of the page. On the next page, choose the option for I'm an Okta customer adding an internal app. Provide feedback if you'd like, and click Finish

 

Step 5: Access your SAML information in Okta

On the next page, after clicking finish in the previous steps, or in the Sign On section of the app you have created in Okta, click View Setup Instructions.

 

 

This will open a new window that has the information you'll need to provide to Highfive in the next step. 

 

Step 6: Provide Highfive with your SAML information

After accessing the new window in the previous step, open the authentication tab of your Highfive Domain Dashboard. In these fields, paste the information from that new window. Some of the names might be slightly different, so here's what you're looking for:

 

Name in Highfive  Name in Okta
SAML Provider URL Identity Provider Single Sign-On URL
SAML Provider Issuer Identity Provider Issuer
SAML Provider X.509 Certificate X.509 Certificate

 

Step 7: Test the configuration 

Note: Before testing, you'll need to assign yourself to the Highfive application in Okta in the People section. 

Make sure all of the information has been provided correctly by clicking Test Configuration. If everything is correct, you'll get this success message: 

 

 

Step 8: Click apply configuration

This is important, nothing will be saved if you don't click Apply Configuration

 

 

And that's it! From now on, when your users go to login to Highfive, they'll be redirected to an Okta sign in flow. They'll login with their Okta credentials, and then be redirected back to the app. 

Have more questions? Submit a request

Comments

Powered by Zendesk