Okta is a secure and reliable cloud-based platform that integrates deeply with on-premises applications, directories, and identity management systems.
With Okta, your IT team can manage an employee's access to any application or device.
If your organization subscribes to both Airbase and Okta, employees can log in to Airbase using their Okta login.
Setting up Okta for Airbase is a two-step process.
1. Set up Airbase in your company’s Okta Account.
Only users with Admin privilege in Okta can add Airbase to your company’s Okta instance.
Step 1: Add Airbase Application.
Log in to Okta Admin Console and follow the instructions below:
- Go to the Applications page.
- Click Add Application on the top-left corner of the page.
- Search and locate the Airbase application.
- Click Create New App.
- Set the following parameters:
- Platform: Web.
- Sign on method: SAML 2.0.
- Click Create to confirm.
Step 2: Set up the app name and logo.
To identify Airbase on our Okta dashboard, configure the name and logo of the Airbase app under the General Settings tab.
- App Name: Airbase.
- App Logo: Find the logo attached to this article.
Click Next to continue.
Step 3: Fetch the ACS URL from Airbase.
You need the ACS URL from Airbase to configure SAML in Okta.
You need Manage Users, Roles, and Departments User Permission to access the Users section in Airbase.
In your Airbase account:
- Go to the Users section.
- Click the settings option (gear icon) on the top-right corner of the screen.
- You will find the Settings pop-up with SSO options listed.
- Enable Allow SAML Sign-on Providers.
- Click Configure SSO with Okta.
- The following screen will give you the ACS URL. Make a note of it.
- In the Domains field, enter the email domains of your employees that you want to allow for SSO (Single Sign-On) login. This means that only employees with email addresses from these domains will be able to use SSO to log in.
Leave this screen on; you’ll have to come back to this screen while setting up Okta in Airbase. If you close and reopen the pop-up, the ACS URL will refresh.
Step 4: Configure SAML.
Now return to the Okta window to configure SAML.
Enter the following information on the Configure SAML page:
- Single sign-on URL: Enter the ACS URL.
- Audience URL: Enter the ACS URL.
- Name ID format: Unspecified.
- Application Username: Okta username.
- Response: Signed.
- Enable Single Logout: Leave the box unchecked.
-
Attribute Statements:
- id/Unspecified/user.email
- email/Unspecified/user.email
- lastName/Unspecified/user.lastName
- firstName/Unspecified/user.firstName
Click Next to complete the configuration.
Step 5: Download metadata.
Download metadata from Okta to use while configuring Okta in Airbase.
- Go to Applications > Application.
- Find the Airbase application from the list.
- Go to the Sign on tab.
- Scroll down to find Identify Providers's Metadata link.
- Click the link; it will either download the metadata file to your device or open an XML file in a new browser tab. Save the file in .xml format.
2. Set up Okta in Airbase.
Once the SAML configuration is done, the set up in Okta is complete.
Now, you must configure Okta in Airbase to redirect Airbase Users to Okta user authentication. This is an extension of Step 3 while setting up Airbase in Okta.
Return to the pop-up window on your Airbase account and upload the XML file from SAML configuration downloaded in Step 5.
Click Save Changes to complete the configuration.
You can also test the connection using the Test Connection option. You will be redirected to a new page that you can close once the connection is tested successfully.
Edit Configuration
Update the Metadata URL, or list of domains for Okta SSO anytime using the Edit Configuration option on the Settings pop-up. It will open the configuration pop-up with all the details populated.