This article outlines how to set up AuditFindings for single sign on via Okta. There are four basic steps.
- Obtain Okta configurations from your Okta server.
- Enter Okta settings in AuditFindings.com.
- Save and Sync. Okta users will be imported into AuditFindings.com.
- Enable the users within AuditFindings that you would like to have access to AuditFindings via Okta single sign on.
Explanations of these basic steps are included below.
STEP 1 OBTAIN OKTA SETTINGS
The Okta settings will need to be entered into the AuditFindings Administration > Single Sign on page. From this section, you will need to enter the following:
- Okta Domain
- Client ID
- API Token
Once these items are entered, the Login Link will be created that can then be used by Okta users.
The following describes how to obtain each of these configuration items from within Okta so they can be entered into AuditFindings.
OBTAIN OKTA DOMAIN
Get your Okta Domain for your Okta Server: Your Okta Administrator should have this information.
OBTAIN CLIENT ID
Create an AuditFindings Application to obtain a Client ID. Below is the process to create an application and obtain the client ID.
Select Applications from the Applications menu.
Select Add Application.
Select Create New App.
Select Web - OpenID Connect.
Enter the appropriate settings on the OpenID Connect Integration page.
- Application Name: AuditFindings (or whatever you would like to call it)
- Application Logo: Optional, but our logo is uploaded to this help file.
- Client Credentials: blank
- Client acting on behalf of a user:
  - Authorization Code: checked
  - Implicit (Hybrid):
    - Allow ID token with implicit grant type: checked
- Login redirect URIs: https://secure.auditfindings.com/member/login/okta
- Logout redirect URIs: blank
- Login initiated by: Either Okta or App
- Application visibility:
  - Display application icon to users
- Login Flow: redirect to app to initiate login (OIDC Compliant)
The Client ID is near the bottom of the page in the Client Credentials section.
OBTAIN API TOKEN
Select API from the Security dropdown menu.
Select Create Token.
Name the token: AuditFindings.
Copy the token value: this will be entered into the AuditFindings SSO settings. Copy the token at the moment it is created, because it cannot be retrieved again; if it is not copied at that time, a new token must be created.
In addition to the API token, a Trusted Origin must be configured.
Select Trusted Origins > Add Origin
Configure the Origin Settings:
- Name: AuditFindings
- Origin URL: https://secure.auditfindings.com
- CORS: Checked
- Redirect: Checked
STEP 2 ENTER INFORMATION INTO AUDITFINDINGS.COM SSO
Enter the Okta Domain, Client ID, and API Token on the AuditFindings Administration > Single Sign On page. Once entered, you will see Login Link Available.
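As an added illustration (not AuditFindings' or Okta's own code), the Python below shows how the Okta Domain, Client ID, Login redirect URI and Trusted Origin gathered above combine into an OpenID Connect Authorization Code login link, and the exact-match redirect URI and state checks the application side should apply to Okta's callback. The layout of the real AuditFindings Login Link is an assumption; Okta's /oauth2/v1/authorize endpoint and its parameters are standard OIDC.

```python
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

# Values from the Okta application and Trusted Origin settings above.
REDIRECT_URI = "https://secure.auditfindings.com/member/login/okta"
TRUSTED_ORIGIN = "https://secure.auditfindings.com"


def build_login_link(okta_domain, client_id, state, nonce):
    """Authorization Code request to Okta's org authorization server.
    The exact layout of the AuditFindings Login Link is an assumption; the
    endpoint and parameters are standard OpenID Connect."""
    params = {
        "client_id": client_id,
        "response_type": "code",        # Authorization Code grant (checked above)
        "scope": "openid profile email",
        "redirect_uri": REDIRECT_URI,   # must equal a Login redirect URI in Okta
        "state": state,                 # ties the callback to this login attempt
        "nonce": nonce,                 # echoed in the ID token to stop replay
    }
    return f"https://{okta_domain}/oauth2/v1/authorize?" + urlencode(params)


def redirect_uri_allowed(uri):
    """Okta compares Login redirect URIs as exact strings; do the same here,
    never a prefix or substring match."""
    return uri == REDIRECT_URI


def origin_trusted(url):
    """Trusted Origins are scheme + host: the CORS and Redirect checkboxes
    apply to that origin, not to individual paths."""
    p = urlsplit(url)
    return f"{p.scheme}://{p.netloc}" == TRUSTED_ORIGIN


def validate_callback(callback_url, expected_state):
    """Return the authorization code from Okta's callback, or None when the
    callback is not on our redirect URI, carries an error, or its state
    does not match the one issued with the login link."""
    p = urlsplit(callback_url)
    if not redirect_uri_allowed(f"{p.scheme}://{p.netloc}{p.path}"):
        return None
    q = parse_qs(p.query)
    if "error" in q:
        return None
    received_state = q.get("state", [""])[0]
    if not hmac.compare_digest(received_state, expected_state):
        return None
    return q.get("code", [None])[0]
```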
STEP 3 SAVE AND SYNC
By clicking the Save and Sync button, users from Okta will be imported into the User Management within AuditFindings. The users will be imported as Disabled. An Administrator will need to activate the users and/or change their access level if they should have access other than at the Assignee level.
STEP 4 ENABLE USERS WITHIN AUDITFINDINGS.COM
As noted in step 3, an AuditFindings Administrative-level user will need to activate users within AuditFindings. If this is not done, the users will not be able to access AuditFindings through the Okta Single Sign On.