Okta Single Sign-On – Airbase

Recommended for:

Admin

Accountant

Manager

Spend Owner

Pricing
Okta Single Sign-On may not be available in all packages. If this does not appear in your environment, please contact Airbase Customer Success to review available options.

Okta is a secure and reliable cloud-based platform, which integrates deeply with on-premises applications, directories, and identity management systems.

With Okta, your IT team can manage an employee's access to any application or device.

If your organization subscribes to both Airbase and Okta, employees can log in to Airbase using their Okta login.

Setting up Okta for Airbase is a two-step process.

Set up Airbase in Okta.
Set up Okta in Airbase.

1. Set up Airbase in your company’s Okta Account.

Note
Only Users with Admin privilege in Okta can add Airbase to your company’s Okta instance.

Step 1: Add Airbase Application.

Go to the Applications page.
Click Add Application on the top-left corner of the page.
Search and locate the Airbase application.
Click Create New App.
Set the following parameters:
- Platform: Web.
- Sign on method: SAML 2.0.
Click Create to confirm.

Step 2: Set up the app name and logo.

To identify Airbase on our Okta dashboard, configure the name and logo of the Airbase app under the General Settings tab.

App Name: Airbase.
App Logo: Find the logo attached to this article.

Click Next to continue.

Step 3: Fetch the ACS URL from Airbase.

You need the ACS URL from Airbase to configure SAML in Okta.

User Permissions
To access the Users page in Airbase, you need Manage Users, Roles, and Departments User Permission in Airbase.

In your Airbase account:

Go to the Users section.
Click the settings icon on the top-right corner of the screen.
Enable Allow Single Sign-On with Okta on the Settings pop-up.
Click Configure SSO.
Click Continue to find the list of identity providers.
Choose Okta from the list and click Continue.
The following screen will give you the ACS URL. Make a note of it.

Important
Leave this screen on, you’ll have to come back to this screen while setting up Okta in Airbase. If you close and reopen the pop-up, the ACS URL will refresh.

Step 4: Configure SAML.

Now return to the Okta window to configure SAML.

Enter the following information on the Configure SAML page:

Single sign-on URL: Enter the ACS URL.
Audience URL: Enter the ACS URL.
Name ID format: Unspecified.
Application Username: Okta username.
Response: Signed.
Enable Single Logout: Leave the box unchecked.
Attribute Statements:
- id/Unspecified/user.email
- email/Unspecified/user.email
- lastName/Unspecified/user.lastName
- firstName/Unspecified/user.firstName

Click Next to complete the configuration.

Step 5: Download metadata.

Download metadata from Okta to use while configuring Okta in Airbase.

Go to Applications > Application.
Find the Airbase application from the list.
Go to the Sign on tab.
Scroll down to find Identify Providers's Metadata link.
Click the link; it will either download the metadata file to your device or open an XML file in a new browser tab. Save the file in .xml format.

2. Set up Okta in Airbase.

Once the SAML configuration is done, setup in Okta is complete.

Now, you need to configure Okta in Airbase to redirect Airbase Users to Okta user authentication. This is an extension of Step 3 while setting up Airbase in Okta.

Go back to the pop-up window on your Airbase account and upload the XML file from SAML configuration downloaded in Step 5.

Click Continue to Next Step to complete the configuration.

AirbaseLogo.png
6 KB Download