Skip to main content

Work Orders SAML Integration (Okta)

Christopher Gentile
  • Updated

Step 1: Create a SAML application within your Identity Provider.

 

Okta SAML Setup

  • Login to your Okta Dashboard
  • Go to Applications → Create App Integration
  • For Sign-in method select “SAML 2.0”
  • General Settings
    • Enter a unique App Name to correspond to the MasterLibrary application
  • SAML Settings
    • Single sign-on URL
      • https://XXXXX.mlworkorders.com/MLSAMLConnect.aspx
        • Replace “XXXXX” with your custom MasterLibrary subdomain
    • Check the box for “Use this for Recipient URL and Destination URL”
    • Application username
      • Select “Okta username”
    • Attribute Statements (optional)
    • image (31).png
      • FirstName
        • user.firstName
      • LastName
        • user.lastName
      • Email
        • user.email
      • Externalid
        • user.employeeNumber
    • Group Attribute Statements 
      • This is where you will select the Groups you want to pass through to automatically assign Role(s) to the Users within MasterLibrary.  This is optional but a nice way to give Users some default roles and capabilities, especially if you segment within Groups in Okta already.
  • Select “I'm an Okta customer adding an internal app”
  • SAML Signing Certificates
    • Next to the active certificate select “Actions → Download certificate”
    • This is the text you will copy/paste into MasterLibrary in step 2

Step 2: Configure your Identity Provider within Work Orders.

  1. Select Settings > Single Sign On > SAML Configuration. The SAML Integration Admin page appears. SAML Integration Admin page.
     

  2. Next to Okta, click Edit icon.. A pop-up appears. SAML Okta integration settings page. 

    Note: You may see two rows for Okta, one with a checkbox in the For Mobile column and one without a checkbox in that column. 

    • To set up the web app, select Edit icon. in the row without the For Mobile checkbox selected.
    • To set up the mobile app, select Edit icon. in the row with the For Mobile checkbox selected.
  3. Do the following:
    1. Under Entity ID, enter your Okta identifier.
    2. Under Issuer, enter the desired Okta URL.
    3. Under the Login Link, if desired, paste the App Embed Link from Okta.

    4. Under Certificate, enter the certificate.  

      Note: You download this from Okta, then enter it here.
  4. Click Save.

Step 3: Set default Roles for Users who login via SAML.

Once you log in to your MasterLibrary product you will navigate to Admin → Single Sign On → SAML Group Settings.  From there, you will configure the SAML Groups you indicated in Step 1 and what default set of Roles you want to give to Users within that Group.

 

*Passing "Group" is required, but using Groups to actually give default Roles is not.*

 

Note: You can create as many SAML Groups as you’d like, and each time a User logs in they will get whatever Roles you indicate on all of the Groups they are a part of.  You can also manage additional Roles within MasterLibrary as usual, but you can not remove these default ones so make sure they apply to all users within the group.


 

For Okta: Group Name field will be the Group Names established in Step 1


 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk