Setting up Single Sign-On with Okta

SSO is a way to allow users to access various service providers using a single username and password by relying on a single identity provider.

In this scenario, Talon.One is the service provider and the supported identity provider is Okta.

This procedure describes how to connect Talon.One to Okta to allow users to log in directly from their Okta account. For more information about Okta, see their integration documentation.

Prerequisites

  • You have an Okta account for your company.
  • You have admin rights in Okta.
  • You have admin rights in Talon.One.

Configuring Okta as an identity provider

To connect Okta to Talon.One, create a new app in Okta:

  1. Open your Okta account and click Admin.
  2. Click Applications in the top menu, and click Create New App.
  3. Select the following values:
    • Platform: Web
    • Sign on method: SAML 2.0
  4. Click Create. The app's general settings page opens.
  5. Choose a name for the application, for example Talon.One, and click Next.
  6. Take the URL https://<tenant_name>.talon.farm/v1/saml_connections/1/saml_callback, replace <tenant_name> so that it matches your Talon.One base URL, and paste the result in the following fields:
    • Single sign on URL
    • Audience URI (SP Entity ID)
  7. Click Next.
  8. Select I'm an Okta customer adding an internal app and click Finish.
  9. Click View Setup Instructions. The page displays the Identity Provider Single Sign-On URL, the Identity Provider Issuer, the X.509 Certificate, and the IDP metadata.

Keep this page open in your browser. The app is ready in Okta. Let's use some of the information provided by Okta to configure Talon.One.

Configuring Talon.One for SSO

  1. In a different browser tab, connect to your Talon.One portal and click Account > Organization > Single Sign-On.
  2. Type a name in the Connection name field. For example, Okta.
  3. Select either Using a URL and a Certificate or Using an Identity Provider (IdP) file.
  4. If you selected Using a URL and a Certificate:
    • Copy the value of the Identity Provider Single Sign-On URL field provided by Okta and paste it in the Sign-On URL field.
    • Copy the value of the Identity Provider Issuer field provided by Okta and paste it in the Issuer URL field.
    • Copy the value of the X.509 Certificate field provided by Okta and paste it in the SSO certificate field.
  5. If you selected Using an Identity Provider (IdP) file:
    • Save the value of the Provide the following IDP metadata to your SP provider field provided by Okta to an XML file.
    • In Talon.One, click Choose XML and browse to the XML file.
  6. Check SSO enabled.
  7. Click Save.

You can now assign the Talon.One app to users in Okta to allow them to connect to Talon.One with their Okta account.

Refer to Assigning an application to user for more information.