Setting up okta

This article explains how to set up Okta SAML 2.0 authentication for logging in to your ovice account.

If you have already set up SAML authentication for multiple spaces in a hierarchical structure (building), please refer to the following:
SAML authentication settings for a hierarchical structure (building)

 

Advance Preparation

1. Make sure you have the necessary permissions to set it up

  • okta admin privileges
  • ovice admin privileges

2. Click the three dots in the space header and select the "Space" tab.
*If you are not the organization owner, there is no need to select a tab.

3. Go to "Space Settings" → "Space Access Settings" → "Member Whitelist Rules" and click "Email Account Authentication"

4. Select the "SSO" tab

5. Click the + button next to "SAML Authentication Setup"

6. Enter any name in the IdP name field.

This name will appear on the space URL login screen.

7. Enter "." (or an appropriate string) for Entity ID, IdP Login URL, and IdP x509 cert.

*The correct input values will be set later.

8. Enter the space URL (https://app.ovice.com/ws/◯◯/) in the IdP logout URL

9. Select the redirect destination

Select the screen each user will be redirected to when they log in.

space | Redirect into space
lobby | Redirect to the lobby screen (space list)

 

10. Click "Save"

11. Click on the SAML settings you saved

Do not close the ovice settings screen in this state.

 

Setting up okta

1. Log in to okta's IDP with administrator privileges

2. Click "Applications" on the sidebar

3. Click "Create App Integration"

4. Select "SAML 2.0" and click "Next"

5. Enter any app name in "App name" and click "Next"

*As an option, you can also change the app's logo image.

6. Copy and paste the items displayed on the ovice screen you prepared in advance to the Okta side.

ovice setting screen (copy source) | okta settings screen (paste destination)
Identifier | Audience URI (SP Entity ID)
Reply URL | Single sign-on URL

 

7. Scroll down the screen and click the "Next" button.

8. For "Are you a customer or partner?", select the appropriate item and click "Finish"

9. Select "Applications" from the sidebar and click "Assign to Users" from the ▼ of the app you created.

10. Click "Assign" next to the user

11. Click "Save and Go Back" and confirm that the display next to the user has changed to "Assigned".

12. Click the app you created in the "Applications" section on the sidebar.

13. Select the "General" tab and click "Edit" under "SAML settings".

14. Click "Next"

15. Add the following two items to "Attribute Statements (optional)"

Name field | Value item
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | user.firstName
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | user.email

 

16. Click "Next" → "Finish"

17. Select the "Sign On" tab and click "View Setup Instructions"

Do not close the okta settings screen while "How to Configure SAML 2.0 for XX" is displayed.

 

ovice Settings

1. Click "Edit" for the SAML created on the ovice side in Advance Preparation

2. Copy and paste each item on the screen that opens in step 17 of the Okta settings to ovice.

okta settings screen (source) | ovice setting screen (paste destination)
Identity Provider Single Sign-On URL | IdP Login URL
Identity Provider Issuer | Entity ID
X.509 Certificate | IdP x509 cert

 

Screenshot_2023-03-30_at_8.53.38_AM.png

*In the image above, the ovice setting screen is on the left and the okta setting screen is on the right.

3. Click "Save"

[Optional] How to add SAML authentication to permission settings

By combining the publishing and Space Access Settings, you can allow only users who have authenticated with SAML to access the space.

4. Scroll down the screen and check the SAML authentication settings you created under "Activate SSO authentication".

5. Click "Save"

 

Log in using okta

Please refer to the following and try logging in.
Log in with the space's own SSO (SAML authentication, etc.)
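
To check that the values copied in the steps above line up, the following added example (not ovice's or Okta's own code) compares a base64-encoded SAMLResponse from a test login against the Identifier, Reply URL, Identity Provider Issuer and the two attribute names configured on this page. The function names, the sample response and the example URLs are constructed for illustration; it is a configuration diagnostic only and does not verify the response signature.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
REQUIRED_ATTRS = (CLAIMS + "givenname", CLAIMS + "emailaddress")  # from step 15

def check_response(b64_response, identifier, reply_url, idp_issuer):
    """List config mismatches in a SAMLResponse you captured from your own login.
    Diagnostic only: does NOT verify the signature or validity window."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    if root.get("Destination") != reply_url:
        problems.append("Destination != Reply URL (Okta: Single sign-on URL)")
    issuer = root.findtext(".//saml:Assertion/saml:Issuer", "", NS).strip()
    if issuer != idp_issuer:
        problems.append("Issuer != Entity ID saved in ovice")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if identifier not in audiences:
        problems.append("Audience != Identifier (Okta: Audience URI)")
    values = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values[attr.get("Name")] = attr.findtext("saml:AttributeValue", "", NS).strip()
    for name in REQUIRED_ATTRS:
        if not values.get(name):
            problems.append("missing or empty attribute: " + name)
    return problems

def build_sample(audience, email):
    """Constructed, unsigned sample response; every URL is a placeholder."""
    xml = f"""<samlp:Response xmlns:samlp="{NS['samlp']}" xmlns:saml="{NS['saml']}"
 Destination="https://sp.example/acs"><saml:Assertion>
 <saml:Issuer>http://idp.example/issuer</saml:Issuer>
 <saml:Conditions><saml:AudienceRestriction><saml:Audience>{audience}</saml:Audience>
 </saml:AudienceRestriction></saml:Conditions><saml:AttributeStatement>
 <saml:Attribute Name="{CLAIMS}givenname">
  <saml:AttributeValue>Ann</saml:AttributeValue></saml:Attribute>
 <saml:Attribute Name="{CLAIMS}emailaddress">
  <saml:AttributeValue>{email}</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement></saml:Assertion></samlp:Response>"""
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    expected = ("https://sp.example/metadata", "https://sp.example/acs",
                "http://idp.example/issuer")
    sample = build_sample("https://sp.example/wrong", "")  # two deliberate faults
    for problem in check_response(sample, *expected):
        print("MISMATCH:", problem)
```

An empty list means the response matches the configured values; a leftover "." placeholder in Entity ID shows up as an Issuer mismatch.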

 

If you fail to log in using okta

Please check the following:

 

Set up common SAML authentication for spaces in a hierarchical structure (building)

If you want to use the SAML authentication you set up in other spaces in the building, you will need to reference it from the new space you want to set up. See below for how to set it up.
Inheritance Settings
