Okta
  • 08 Jun 2022
  • 2 Minutes to read
  • Dark
    Light
  • PDF

Okta

  • Dark
    Light
  • PDF

Article Summary

The Okta integration allows you to sync SysAid with your Okta account so you can automatically log in to SysAid whenever you log in to Okta.

For this integration to work, you must be running SysAid 16.1.25 or higher.

Note

Only an admin with SysAid Administrator permissions can set up this integration.

You cannot activate this integration if another single-sign on integration has already been enabled for SysAid.

Set up your SysAid app in Okta

  1. Login to Okta as an administrator.
  2. In your Okta console, click Add Application.
    IntegrationOktafiles1.JPG
  3. Click Create New App.
    IntegrationOktafiles2.JPG
  4. Select the SAML 2.0 option button.
  5. Click Create.
    IntegrationOktafiles3.JPG
  6. Enter SysAid in the App Name field.
  7. (Optional) Click Browse to select a logo, and click Upload Logo.
  8. Click Next.
    IntegrationOktafiles4.JPG
  9. In the Single Sign On URL field, enter your account URL with the following extension addons/okta/jsp/consume.jsp appended to it.
  10. In the Audience URI field, enter urn:okta:sysaid.
  11. From the Name ID Format drop-down list, select EmailAddress.
  12. From the Application Username drop-down list, select Okta username.
  13. Click Show Advanced Settings.
    IntegrationOktafiles5.JPGss
  14. From the Response drop-down list, select Signed.
  15. From the Assertion Signature drop-down list, select Unsigned.
  16. From the Signature Algorithm drop-down list, select RSA-SHA256
  17. From the Digest Algorithm drop-down list, select SHA256.
  18. From the Assertion Encryption drop-down list, select Unencrypted.
  19. From the Authentication Context Class drop-down list, select X.509 Certificate.
  20. From the Honor Force Authentication drop-down list, select Yes.
    IntegrationOktafiles6.JPG
  21. In the Attribute Statements section add the following attributes:
    Name
    Name Format
    Value
    firstNameBasicuser.firstName
    lastNameBasicuser.lastName
    emailBasicuser.email
    usernameBasicuser.login
  22. Click Next.
    IntegrationOktafiles7.JPG
  23. In the Feedback tab, click Finish.
    IntegrationOktafiles8.JPG
  24. In the Sign On tab, Click View Setup Instructions.
    IntegrationOktafiles9.JPG
  25. Copy the URL from the Identity Provider Single Sign-On URL field.
    IntegrationOktafiles10.JPG
  26. On the main Third-Party Integrations page, in the Okta icon, click IntegrationsfilesGreenCog12.jpg.
  27. Paste the URL that you copied in step above into the Okta Base URL field.
    IntegrationOktafiles15.PNG
  28. Back in Okta, copy the contents of the Identity Provider Issuer field.
  29. In the original window, click the General tab.
  30. In the SAML Settings area, click Edit.
  31. Click Next.
  32. Click Show Advanced Settings.
  33. Paste the copied contents of the Identity Provider Issuer field into the SAML Issuer ID field.
  34. Click Next and return to the Sign On tab.
  35. Copy the contents of the of the X.509 Certificate field between the Begin Certificate and End Certificate lines.
  36. In SysAid, paste the text into the Okta Certificate field.
  37. In the Okta CallbackURL field, enter your account URL with the following extension addons/okta/jsp/consume.jsp appended to it.
  38. In Okta, from the main menu, select Security>API.
  39. Click Create Token.
    IntegrationOktafiles12.PNG
  40. Enter a token name.
  41. ClickCreate Token.
    IntegrationOktafiles13.PNG
  42. Copy the API Token from the Token Value field.
  43. In SysAid, paste the text into the Okta API Token field.
  44. (Optional) If you want SysAid to create new users with their Okta IDs, Enter "Y" in the Create New Users field.
  45. (Optional) If you selected to allow SysAid to create new users with their Okta IDs, you can replace the Okta domain name with any name you want in the Domain Mapping field. For example, "MyDomain= MyCompany.com, MyDomain2= MyCompany.com". If you want user names to contain the user's original domain, leave this field blank.
  46. Click the slider to activate the Okta integration.
  47. Click Save Changes.
    IntegrationOktafiles14.PNG

Was this article helpful?

What's Next