Okta: Difference between revisions

From Planfix
Jump to: navigation, search
 
(6 intermediate revisions by the same user not shown)
Line 7: Line 7:
Integration with [https://www.okta.com/ Okta] allows your company's employees to log into Planfix and other services using a single password (Single Sign-On). This enhances convenience, security, and simplifies user account management.
Integration with [https://www.okta.com/ Okta] allows your company's employees to log into Planfix and other services using a single password (Single Sign-On). This enhances convenience, security, and simplifies user account management.
== Supported features ==
== Supported features ==
*Single Sign-On (SSO) with SAML 2.0
*IdP-initiated SSO (Single Sign-On)
*SP-initiated SSO
*Just-In-Time (JIT) provisioning
*Just-In-Time (JIT) provisioning
*SP-initiated SLO
*SCIM provisioning
*SCIM provisioning
===SCIM supported feature===
*Create users
*Update users attributes
*Deactivate users
*Import users
== Configuration steps ==
== Configuration steps ==
===Steps in Planfix:===
===Steps in Planfix:===
*Go to the '''Account management — Integrations — Single Sign-On''' section.
*Go to the '''Account management — Integrations — Single Sign-On''' section.
*Activate integration with Okta.
*Activate integration with Okta.
===Steps in Okta:===
===Steps in Okta:===
*Open the Okta administration panel in a separate tab: https://www.okta.com/.
*Open the Okta administration panel in a separate tab: https://www.okta.com/.
Line 20: Line 30:
*Search for "Planfix" in the catalog:
*Search for "Planfix" in the catalog:
*Select the Planfix application and click '''Add'''.
*Select the Planfix application and click '''Add'''.
*Follow the on-screen instructions to complete the application setup.
*Complete the application setup by following the on-screen instructions, ensuring you specify your Planfix account domain.
'''Note''': If the application is not visible in the catalog (since it’s a private app), you can use the following URL to create a new instance of the application:
**Enter your Planfix account domain (e.g., your-account.planfix.com) in the designated field during setup.
https://dev-45569685-admin.okta.com/admin/app/dev-45569685_planfix_2/instance/new/
**This domain is essential for configuring the correct SAML and SCIM endpoints for your Planfix account.
*In the application settings, go to the '''Sign On''' tab.
*In the application settings, go to the '''Sign On''' tab.
*Copy the '''Metadata URL''' link.
*Copy the '''Metadata URL''' link.
Line 28: Line 38:
*Save the integration settings in Planfix.
*Save the integration settings in Planfix.
Now, on the Planfix login page, you will have the option to authorize through SSO. Ensure that users are granted access to the Planfix application in Okta. When a new user logs in for the first time in Planfix, their account will be automatically created through the JIT (Just-In-Time provisioning) mechanism.
Now, on the Planfix login page, you will have the option to authorize through SSO. Ensure that users are granted access to the Planfix application in Okta. When a new user logs in for the first time in Planfix, their account will be automatically created through the JIT (Just-In-Time provisioning) mechanism.
== SP-initiated SSO ==
== SP-initiated SSO ==
To initiate SSO from Planfix, follow these steps:
To initiate SSO from Planfix, follow these steps:
Line 35: Line 46:
*Enter your Okta credentials and click '''Login'''.
*Enter your Okta credentials and click '''Login'''.
*You will be redirected back to Planfix and logged in automatically.
*You will be redirected back to Planfix and logged in automatically.
== Setting up SCIM Provisioning ==


== Setting up SCIM Provisioning ==
=== Steps in Okta: ===
=== Steps in Okta: ===
*Go to the settings of the Planfix application in Okta.
*Go to the settings of the Planfix application in Okta.
Line 48: Line 59:
*Set up rules in the '''To App''' section according to your organization's requirements.
*Set up rules in the '''To App''' section according to your organization's requirements.
*Also, set up rules in the '''To Okta''' section if you need to add users from Planfix to Okta.
*Also, set up rules in the '''To Okta''' section if you need to add users from Planfix to Okta.
=== Supported SCIM attributes ===
=== Supported SCIM attributes ===
The following SCIM attributes are supported for user provisioning from the schema urn:ietf:params:scim:schemas:core:2.0:User:
The following SCIM attributes are supported for user provisioning from the schema urn:ietf:params:scim:schemas:core:2.0:User:
Line 55: Line 67:
! style="font-weight: bold" | Description
! style="font-weight: bold" | Description
|-
|-
|ОСТАТ(3; 2)
|userName
|Остаток от деления 3/2
|Unique username of the user
|1
|-
|name.familyName
|User's family name
|-
|name.givenName
|User's given name
|-
|name.middleName
|User's middle name (if applicable)
|-
|emails
|List of user's email addresses
|-
|phoneNumbers
|List of user's phone numbers
|-
|active
|User's active status (true/false)
|-
|preferredLanguage
|User's preferred language
|-
|-
|ОСТАТ(-3; 2)
|locale
|Остаток от деления -3/2. Знак тот же, что и у делителя.
|User's locale
|1
|-
|-
|ОСТАТ(3; -2)
|timezone
|Остаток от деления 3/-2. Знак тот же, что и у делителя
|User's time zone
| -1
|-
|-
|}
|}

Latest revision as of 09:37, 25 April 2025

Integration with Okta allows your company's employees to log into Planfix and other services using a single password (Single Sign-On). This enhances convenience, security, and simplifies user account management.

Supported features

  • IdP-initiated SSO (Single Sign-On)
  • SP-initiated SSO
  • Just-In-Time (JIT) provisioning
  • SP-initiated SLO
  • SCIM provisioning

SCIM supported feature

  • Create users
  • Update users attributes
  • Deactivate users
  • Import users

Configuration steps

Steps in Planfix:

  • Go to the Account management — Integrations — Single Sign-On section.
  • Activate integration with Okta.

Steps in Okta:

  • Open the Okta administration panel in a separate tab: https://www.okta.com/.
  • Go to the Applications section.
  • Click on the Browse App Catalog button.
  • Search for "Planfix" in the catalog:
  • Select the Planfix application and click Add.
  • Complete the application setup by following the on-screen instructions, ensuring you specify your Planfix account domain.
    • Enter your Planfix account domain (e.g., your-account.planfix.com) in the designated field during setup.
    • This domain is essential for configuring the correct SAML and SCIM endpoints for your Planfix account.
  • In the application settings, go to the Sign On tab.
  • Copy the Metadata URL link.
  • Paste the Metadata URL link into the corresponding field in the integration settings in Planfix.
  • Save the integration settings in Planfix.

Now, on the Planfix login page, you will have the option to authorize through SSO. Ensure that users are granted access to the Planfix application in Okta. When a new user logs in for the first time in Planfix, their account will be automatically created through the JIT (Just-In-Time provisioning) mechanism.

SP-initiated SSO

To initiate SSO from Planfix, follow these steps:

  • Go to the Planfix login page.
  • Click on the Login with Okta button.
  • You will be redirected to the Okta login page.
  • Enter your Okta credentials and click Login.
  • You will be redirected back to Planfix and logged in automatically.

Setting up SCIM Provisioning

Steps in Okta:

  • Go to the settings of the Planfix application in Okta.
  • Open the General — App Settings section.
  • Enter edit mode and enable the Provisioning SCIM option.
  • Go to the Provisioning section:
  • Copy the SCIM URL and Bearer Token from the integration settings in Planfix.
  • Paste them into the corresponding fields in Okta.
  • Activate the necessary settings according to your requirements and save the changes.
  • Perform a configuration check by clicking the Test Connector Configuration button, and click Save to complete the setup.
  • Set up rules in the To App section according to your organization's requirements.
  • Also, set up rules in the To Okta section if you need to add users from Planfix to Okta.

Supported SCIM attributes

The following SCIM attributes are supported for user provisioning from the schema urn:ietf:params:scim:schemas:core:2.0:User:

Attribute Description
userName Unique username of the user
name.familyName User's family name
name.givenName User's given name
name.middleName User's middle name (if applicable)
emails List of user's email addresses
phoneNumbers List of user's phone numbers
active User's active status (true/false)
preferredLanguage User's preferred language
locale User's locale
timezone User's time zone

Go To

Retrieved from "http://planfix.com/help/index.php?title=Okta&oldid=25380"