InSided SSO with Okta

  • 8 April 2021
  • 6 replies
  • 337 views

Does anyone have experience setting up and integrating InSided’s SSO functionality with Okta? 

 

Thanks!


6 replies

Badge

Hiya @rrodrigues !

I don’t have any access to any Control environments yourself, but I believe this is possible to do by making use of SAML. There’s documentation that you can find at https://www.insided.com/docs/single-sign-on which might help here. I’ve also found a guide which might make things a little easier.

I’ve never attempted to set up SSO stuff myself, but hopefully these guides should get things working.

Userlevel 2
Badge +3

I actually remember assisting 1-2 SSO migrations to Okta recently (I have no technical role but I do remember the name). I doubt the actual developers working on this are active here, but if necessary, maybe we can connect you to them. I think they used OpenID in their implementation.

Do you have a special use case or question that is not covered in our documentation? We should have the knowledge to help you with the basics of setting this up, at least I don’t recall any bigger hurdles during these projects.

We are also trying to add SSO in Okta for our internal employees to Insided. 

There’s 2 methods that we can do: a) SAML: where users will be able to login to their accounts through Okta. b) Provisioning: where users can have their account get automatically created for them through Okta. Ideally we’d want to have both.


Is there a specific guide on how to connect Insided to Okta? I can’t find anything specific just the SAML 2.0 guide.
Does Insided have an existing app in Okta? if not our team may be able to create one.

 

Thanks! @Vishwas Katti 

Badge +1

Hi @kyliehu,

Great questions, thank you!

We do not have a specific vendor guide, it’s dependent on the protocol. Your Okta admin will be able to use the SAML2 guide without any issue if all is well. Otherwise, please let us know and we’ll happily amend the guide.

When setting up SSO, it can be wise to make sure the whole flow is in the SSO tool. Meaning there is no signup happening in inSided directly. You’d redirect the login button and account creation both and disable username/password login to inSided. 

Otherwise you can use the IdentityAccess.UserRegistered webhook or New User Zapier step to provision accounts for new users.

 

We do not have an existing app in Okta, that could be an interesting idea though! Would love to hear @Sebastian ‘s opinion on this :) 

Userlevel 1
Badge

I'd love to be able to log our mods in to the control side of things through an OKTA tile, that way we can use the OKTA password and 2FA to access control, rather than having a different password to InSided. Already now they log in to front-end through OKTA, but not the employee side of things.

Is there a way to “de-provision” via Okta for employees who have left the company?

Reply