Single Sign-On with Okta

In this tutorial, you will learn how to integrate your Updraft Organization with your Okta Users Directory through SAML. Please follow the next steps.

Step 1 - Obtain the SAML Provider Details from Updraft

Only Owner of an Updraft Organization is able to add an SSO Integration

  1. Open your Account Settings as an Owner

  2. Go to the Security Page

  3. Click Add SSO

  4. You will see now your SAML configuration

  5. Store them

Step 2 - Add a New App in Okta Identity Provider

  1. Open the Admin Dashboard of Okta: https://login.okta.com/

  2. Click on Add an app to use Single Sign-On

Step 3 - Create a New App

  1. Click on Create New app within the Catalog

Step 4- Create a new App Integration

  1. Select in the next pop-up SAML 2.0

Step 5- Create SAML Integration: General Settings

In the next step the General Settings of the SSO Integration is made.

  1. You can Add an App Name: My Updraft App

  2. You can optional upload an image

  3. You can set if the app icon should be visible to your users

Step 6- Create SAML Integration: Configure SAML

In the next step the Single sign-on URL and Audience URI is set.

  1. Set the Single sign-on URL to: https://getupdraft.com/saml2_auth/acs/

  2. Audience URI: getupdraft

  3. Name ID format: Unspecified

  4. Application username: Okta username

  5. Update application username on: Create and Update

Step 7- Create SAML Integration: Configure Attribute Statements

  1. Scroll down on the Configure SAML page

  2. Add following "Attribute Statements":

  • email = user.email

  • username = user.email

  • first_name = user.firstName

  • last_name = user.lastName

  1. Click on Next Button

  2. You will be redirected to the created application page

Step 8- Create SAML Integration: Get your XML file from Okta an upload it to Updraft

To download the XML file, click on "View IdP metadata" and copy the XML Content to a new XML file.

  1. Scroll down to the Section 'SAML Signing Certificates'

  2. Click on Actions for the SHA-2 xml.file

  3. Click on View IdP metadata

  4. The .xml file will be opened in a new browser-tab

  5. Download the .xml file

When you visit the page of the .xml file, you can right click -> "Save as" and save it on your machine. It seems to keep formatting that way as is in the original.

Step 9- Invite your users to your newly created SSO App in Okta

1. Go to admin.okta.com/admin/dashboard

  1. Go to admin.okta.com/admin/dashboard

  2. Go to the page Directory

  3. Select People

  4. Click on Add Person

  5. Fill out the First name, Last name and Username (=E-Mail Adress)

  6. Click on Save

  7. User will get an e-mail notification to activate his Okta account

  8. As soon the user has activated his account, you can Assign the User to the Updraft SSO Application

Step 10- Assign your users to your newly created SSO Updraft App in Okta

  1. Click on the user

  2. Click on Assign Applications

  3. Assign SSO Updraft App to the User

  4. Click on Assign and then Done.

Step 11- Upload the .xml metadata to your Updraft Organization

  1. Go back to your Updraft Organization

  2. Account Settings

  3. Security Page

  4. Click on Add Okta

  5. Upload the obtained .xml file

  6. Save it

  7. Done!

Step 12 - verify the integration

After following all the above steps, log in to your Updraft account to verify that you are now able to sign in with Okta.

If the integration was successful:

  1. If you are opening your subdomain.getupdraft.com/login page you will see the Login with SSO Okta Button

  2. When your assigned Users click on the Login with SSO Button they will be redirected to the Okta login page

  3. upon successful authentication with Okta, your users will be logged into Updraft automatically and redirected to the dashboard page of Updraft

  4. A new account for your uses will be created in Updraft after they logged-in the first time

  5. Now you can assign projects and apps to your users.

If you encounter any issues, please refer back to the previous steps or reach out to the support team for assistance.

Last updated