Setting up SAML based SSO with Okta

There are 4 steps for enabling SSO with Okta

1. Create the Okta application
2. Provide the IDP details in the Manifestly form
3. Test using the custom link you established in step 2
4. Activate SSO for your account

Once activated, all users will be required to authenticate with Okta SSO in order to sign into Manifestly Checklists.

Create the Okta application

• Log in to your okta account and click admin ( a new pop up will open)
• In the new pop-up, go to Applications > applications
• Click “Create app integration”, and choose saml 2.0
  • Step 1, fill name of the app to be displayed in okta and logo
  • Step 2:
    • Set Single sign on URL to https://app.manifest.ly/users/saml/auth
    • Set Audience URI (SP Entity ID) to https://app.manifest.ly/users/saml/metadata
    • Skip Default RelayState
    • Set Name ID format to Email Address
    • Keep Application Username set to Okta username
    • Keep Update application username on Create and Update
    • Create 3 Attributes statements: [name (Name format) – value]
      • first_name (unspecified) – user.firstName
      • last_name (unspecified) – user.lastName
      • email (unspecified) – user.email
    • Skip the Group attribute statements section
    • Click Next
  • Step 3, Answer the question on customer/software vendor
  • Step 4: Click to view Setup Instructions (You can always view these setup instructions by going to Okta application > sign on click view setup instructions)
  • Step 5: Add people to this application who you want to be able to sign in with Okta
• At this point, the app configuration in okta is done, we need to configure app.manifest.ly to authenticate via okta saml

Set up Manifestly SSO with your Okta settings

• Next, navigate to the SSO Tab of your Manifestly settings or click this link: https://app.manifest.ly/saml_single_sign_on/new
• Choose your account’s custom sign in URL. This will be where your users will sign into manifestly. (example: https://app.manifest.ly/a/yourcompanyname)
• Copy the Okta Identity Provider Single Sign-On URL into the Manifestly form field: SAML URL
• Copy the Okta Identity Provider Issuer into the Manifestly form field: SAML Entity
• Copy the Okta x.509 cert into the Manifestly form field: SAML Cert

Test using the custom link you set up above

At this point, you should be able to sign in using SAML.

To test this, open a different browser and navigate to the custom sign in URL you created above and click to sign in using Okta.

Make this SSO active

Go back to the tab with your SAML SSO settings and activate the SSO. At this point, all users in your account will be required to sign in using SSO.