Skip to main content

OKTA - Single Sign On

Tom Noonan
  • Updated

 

This document provides guidelines on how to configure Workvivo to authenticate via Single Sign On (SSO) using OKTA as the identity provider (IdP) solution in a SAML2 SSO configuration.

 

1. Adding Workvivo to Okta - Setting up Single Sign On

 

From the Applications Tab select ‘Create App Integration’

 

 

Select ‘SAML 2.0’ and click ‘Next’

 

Give your app a name e.g. Workvivo provide an optional App Icon.

 

If you would like to hide the Workvivo App from employees please select ‘Do not display application icon to users’ and click 'Next'

Configure SAML & SSO

 

To set up SAML you will need to fill in the below sections; 

  • Single sign-on URL: https://[companyname].workvivo[.com][.us][.me]/saml/acs
  • Audience URI (SP Entity ID): https://[companyname].workvivo[.com][.us][.me]/saml/metadata
  • Name ID Format: EmailAddress
  • Application username: Email

*Note - Depending on whether your Workvivo instance is hosted on our EU, US, or UAE data center, make sure you enter the correct domain. It will either be workvivo.com, workvivo.us, or workvivo.me. The format may also differ if your organisation has configured a custom domain name for Workvivo. If you do not know your Workvivo domain name, please contact our Support team at support@workvivo.com for assistance. 

 


Scroll to the end and click ‘Next’

 

For the Feedback section select 'It's required to contact the vendor to enable SAML' and 'Finish'

 

 

2. Complete the configuration on Workvivo 

 

If your full employee base will be using SSO authentication for Workvivo, you can plug in the metadata directly on Workvivo.

Firstly you will need the "IT Administrator" role on Workvivo, an Admin can grant this role for you or your Workvivo point of contact.

Once you have been granted this role, navigate to the Admin section > Authentication Settings 

Change the Authentication Mode to SAML 

For the metadata you can find these values under ‘View SAML Setup Instructions’ on your Sign On screen in Okta

 

1. Identity Provider Issuer = SAML IDP Entity ID URL

2. Identity Provider Single Sign-On URL = SAML Single Sign On Service URL

3. X.509 Certificate  = SAML X509 Certificate

 

 

 

 

If you have some password based users or have multiple single sign-on tenants please contact our Support team at support@workvivo.com who will assist you with this configuration.

Related articles