Single Sign-On with Okta
In this tutorial, you will learn how to integrate your Updraft Organization with your Okta Users Directory through SAML. Please follow the next steps.
Last updated
In this tutorial, you will learn how to integrate your Updraft Organization with your Okta Users Directory through SAML. Please follow the next steps.
Last updated
Only Owner of an Updraft Organization is able to add an SSO Integration
Open your Account Settings as an Owner
Go to the Security Page
Click Add SSO
You will see now your SAML configuration
Store them
Open the Admin Dashboard of Okta: https://login.okta.com/
Click on Add an app to use Single Sign-On
Click on Create New app within the Catalog
Select in the next pop-up SAML 2.0
In the next step the General Settings of the SSO Integration is made.
You can Add an App Name: My Updraft App
You can optional upload an image
You can set if the app icon should be visible to your users
In the next step the Single sign-on URL and Audience URI is set.
Set the Single sign-on URL to: https://getupdraft.com/saml2_auth/acs/
Audience URI: getupdraft
Name ID format: Unspecified
Application username: Okta username
Update application username on: Create and Update
Scroll down on the Configure SAML page
Add following "Attribute Statements":
email = user.email
username = user.email
first_name = user.firstName
last_name = user.lastName
This Setting is needed if you want to use Permission Groups
Scroll down on the Configure SAML page
Add following "Groupe Attribute Statement":
Name = groups Name format = Unspecified Filter Matches regex = .*
Click on Next Button
You will be redirected to the created application page
To download the XML file, click on "View IdP metadata" and copy the XML Content to a new XML file.
Scroll down to the Section 'SAML Signing Certificates'
Click on Actions for the SHA-2 xml.file
Click on View IdP metadata
The .xml file will be opened in a new browser-tab
Download the .xml file
When you visit the page of the .xml file, you can right click -> "Save as" and save it on your machine. It seems to keep formatting that way as is in the original.
Go to admin.okta.com/admin/dashboard
Go to the page Directory
Select People
Click on Add Person
Fill out the First name, Last name and Username (=E-Mail Adress)
Click on Save
User will get an e-mail notification to activate his Okta account
As soon the user has activated his account, you can Assign the User to the Updraft SSO Application
Click on the user
Click on Assign Applications
Assign SSO Updraft App to the User
Click on Assign and then Done.
Go back to your Updraft Organization
Account Settings
Security Page
Click on Add Okta
Upload the obtained .xml file
Save it
Done!
After following all the above steps, log in to your Updraft account to verify that you are now able to sign in with Okta.
If the integration was successful:
If you are opening your subdomain.getupdraft.com/login page you will see the Login with SSO Okta Button
When your assigned Users click on the Login with SSO Button they will be redirected to the Okta login page
upon successful authentication with Okta, your users will be logged into Updraft automatically and redirected to the dashboard page of Updraft
A new account for your uses will be created in Updraft after they logged-in the first time
Now you can assign projects and apps to your users.
If you encounter any issues, please refer back to the previous steps or reach out to the support team for assistance.
