Single Sign On with Okta using SAML
Single Sign On is mechanism where a single action of login provides access to multiple services including GpsGate server. As one of the main benefits it reduces the number of passwords you need to remember and it also decreases the time spent on login to various services.
The plugin name SAML refers to Security Assertion Markup Language standard, it defines a framework for exchanging security information between online business partners.
1. Log in to Site Admin and navigate to Plugins tab
2. In the repository update.gpsgate.com, Install Saml plugin
The setup comprises the following steps:
A. Site Admin setup
B. Choose an identity provider (OKTA and ADFS)
A. Site Admin Setup
1. Click on the Saml menu in Applications tab in Site Admin.
2. Click on Add button and select an application for single sign-on from the drop down list.
Do not click the Create button yet because will get back to this step later.
At this point you need to choose an Identity Provider that provides an endpoint for SSO and supports SAML 2.0 protocol. In this example we will show you how to use OKTA and ADFS as identity provider.
B. OKTA and ADFS setup
- Follow the ADFS configuration setup.
Once obtained, Set SAML Metadata URL for your ADFS server, it should be something like:
In case if your federation metadata file does not provide a valid HTTP-Redirect URL, you can override it by insert a custom URL in ‘Override HTTP-Redirect URL’ field.
Click Create button.
GpsGate will download the metadata in the background and pair your GpsGate application with the ADFS server.
Now you have configured the SSO.
When you visit the Single Sign On Url associated with your application, you will be automatically logged in to GpsGate when you are already logged in to ADFS.
- Follow the configure OKTA service guide.
Once obtained, paste the Metadata URL obtained in the OKTA setup, and click Create button.
GpsGate will download the metadata in the background and pair your GpsGate application with the OKTA App.
Congratulations! You successfully configured the SSO.
When you visit the Single Sign On URL associated with your application, you will be automatically logged in to GpsGate when you are already logged in to OKTA.
Note: it is possible to sign in to OKTA using Active Directory to make the login more convenient.