Highfive Admin users on our Standard, Professional, or Professional Plus plan can use the below information to set up Single Sign On (SSO) with Okta. For general information about SSO, please refer to this main article.
To configure SSO with Okta, you'll need to be logged into your Domain Dashboard in Highfive, as well as your Okta dashboard.
Step 1: Create a new application in Okta
Click on applications, and then click on Add Application.
Step 2: Choose the option to Create New App
Step 3: Name your app, and add a logo if you choose, and click next
Here's are images of our logo if you'd like to add one. Full size downloadable versions available at the bottom of this page:
Step 4: Configure your SAML settings
Here are the fields you'll need to fill out:
Single sign on URL: This is your Highfive SSO URL, which you get from your domain dashboard in the authentication section.
Audience URI (SP Entity ID) - This field will need a value, but it is arbitrary so you can call it whatever you'd like.
Next you'll need to create your three custom attributes. Set them as shown below:
Lastly, click Next at the bottom of the page. On the next page, choose the option for I'm an Okta customer adding an internal app. Provide feedback if you'd like, and click Finish.
Step 5: Access your SAML information in Okta
On the next page, after clicking finish in the previous steps, or in the Sign On section of the app you have created in Okta, click View Setup Instructions.
This will open a new window that has the information you'll need to provide to Highfive in the next step.
Step 6: Provide Highfive with your SAML information
After accessing the new window in the previous step, open the authentication tab of your Highfive Domain Dashboard. In these fields, paste the information from that new window. Some of the names might be slightly different, so here's what you're looking for:
| Name in Highfive | Name in Okta |
| SAML Provider URL | Identity Provider Single Sign-On URL |
| SAML Provider Issuer | Identity Provider Issuer |
| SAML Provider X.509 Certificate | X.509 Certificate |
Step 7: Test the configuration
Note: Before testing, you'll need to assign yourself to the Highfive application in Okta in the People section.
Make sure all of the information has been provided correctly by clicking Test Configuration. If everything is correct, you'll get this success message:
Step 8: Click apply configuration
This is important, nothing will be saved if you don't click Apply Configuration.
And that's it! From now on, when your users go to login to Highfive, they'll be redirected to an Okta sign in flow. They'll login with their Okta credentials, and then be redirected back to the app.
Comments