Highfive Admin users on supported plans can set up Single Sign On (SSO) with Okta. For general information about SSO, please refer to this main article.
To configure SSO with Okta, you'll need to be logged into your Highfive Admin Dashboard in Highfive, as well as your Okta dashboard.
Step 1: Add the Highfive application in Okta
Search for Highfive and then click the Add button.
On the next General Settings page, fill out the 3 required text fields: Application label, Subdomain, and Audience Restriction. When done, click Next.
On the Assign to People page, you can select which user(s) you want to allow Highfive access to. When done, click Next.
Lastly, click Done to save your changes.
Step 2: Access your SAML information in Okta
On the next page, after clicking finish in the previous steps, or in the Sign On section of the app you have created in Okta, click View Setup Instructions.
This will open a new window that has the information you'll need to provide to Highfive in the next step.
Step 3: Provide Highfive with your SAML information
After accessing the new window in the previous step, open the authentication tab of your Highfive Admin Dashboard. In these fields, paste the information from that new window. Some of the names might be slightly different, so here's what you're looking for:
Name in Highfive | Name in Okta |
SAML Provider URL | Identity Provider Single Sign-On URL |
SAML Provider Issuer | Identity Provider Issuer |
SAML Provider X.509 Certificate | X.509 Certificate |
Step 4: Test the configuration
Note: Before testing, you'll need to assign yourself to the Highfive application in Okta in the Assign to People section.
Make sure all of the information has been provided correctly by clicking Test Configuration. If everything is correct, you'll get this success message:
Step 5: Click apply configuration
This is important, nothing will be saved if you don't click Apply Configuration.
And that's it! From now on, when your users go to login to Highfive, they'll be redirected to an Okta sign in flow. They'll login with their Okta credentials, and then be redirected back to the app.