This article outlines the steps you will need to follow to get the Okta single sign-on (SSO) configuration established.
This article contains the following sections:
Prerequisites
Account SSO setup must be configured by a Clozd account administrator. Please reach out before starting to set up Okta SSO so they can help through the process and configure your account accordingly.
Supported Features
- Service Provider-initiated SSO
- Identity Provider-initiated SSO
- Automatic user account creation on first SSO
Configuration
In order to configure the Okta SSO integration, please follow the steps below.
- Access your account admin view in Okta
- Under Applications, click Add Application
- Find the Clozd application and click Add
- In General Settings, add the Clozd subdomain you’ve been assigned by your account administrator to the Clozd Subdomain field
- Click Done
- Navigate to the Sign On tab
- Copy the Client ID, Client Secret, and Issuer URL (Issuer URL can be found when clicking on OpenID Provider Metadata and copying the value of the issuer property, it should begin with https) and send them to your account administrator to complete your configuration setup
Assign Users
Once your account has been configured, you can assign users access to your Clozd account by clicking on the Clozd Okta application Assignments tab and clicking Assign -> Assign to People and selecting the user you wish to give access through SSO.
The Clozd Okta integration includes automatic user account creation on the first SSO so you don't need to worry about creating new users in your Clozd account though it is still an option for you. It is important to know that any new user account created will default to a basic user role with minimum-level privileges. If needed, privileges can be added in your Admin Users table. For questions, please contact your account administrator.
Logging in
The Clozd Okta integration allows a user to sign in to Clozd from their Okta dashboard or from their org-specific Clozd domain. When your account was configured to use SSO, you were assigned a subdomain to use with your login navigation, for example:
https://example.app.clozd.com/login
This domain is required for a user to log in to their Clozd account if not using the Okta dashboard.
User Management
Users can be unassigned from the Clozd Okta application to prevent authentication when logging into Clozd. Users can also be disabled from the Admin Users table in the Clozd platform.
Please keep in mind that deleting users from the Clozd platform will not prevent them from logging back into the account. Only disabling the user from your Clozd account or removing their assignment to the Clozd application from your Okta account will prevent a user from logging into Clozd.
Questions?
For any troubleshooting issues, please contact support@clozd.com or reach out to your account administrator.
Comments
Please sign in to leave a comment.