Okta SSO Integration
If your organization uses Okta to manage your employees access to tools and services, you can take advantage of Okta’s “Single Sign-On” feature that allow users to enter one name and password to access multiple applications, including Base-B.
The integration between Okta and Base-B that enables this SSO to occur is built around an industry-standard protocol known as SAML (Security Assertion Markup Language). To learn more about how Okta works with SAML, please see this article.
The remainder of this guide is focused on enabling you to configure both Base-B and Okta to get provisioning up and running for your organization.
Features
Requirements
Configuration Steps
Known Issues/Troubleshooting
The following provisioning features are supported:
IdP-initiated SSO: Identity Provider-initiated Single Sign-On. A single sign-on operation that was started from the IdP Security Domain. The IdP federation server creates a federation SSO response and redirects the user to the SP with the response message and an optional operational state.
SAML single sign-on are only available to paying customers.
Configure single sign-on as follows.
In the OKTA administrative panel, in Applications > Applications, browse the app catalog and search for the "Base-B" app. After finding it, select the application and click "Add Integration"
In General Settings, fill in the Base URL field with the value "https://api.baseb.app" for the production environment or "https://api.baseb.xyz" for the homologation environment, and click "Done".
In the OKTA administrative panel, in Applications > Applications, access the Base-B application recently added and go to the "General" tab.
In the "App Embed Link" area, copy your company's Okta url, this value will be used later:
In the "Sign On" tab of the Base-B application in Okta, view and copy the certificate (only the content of the ds:X509Certificate tag), this value will be used later:
In Settings > Integrations > Applications, enable the Okta integration:
Fill in the fields according to the information previously obtained and set the audience field to the value "baseb", see the example in the following image:
That's it, the integration with Okta is complete.
If you have questions or difficulties with your Base-B/Okta SSO integration, please contact Base-B support via suporte@baseb.com.br
The integration between Okta and Base-B that enables this SSO to occur is built around an industry-standard protocol known as SAML (Security Assertion Markup Language). To learn more about how Okta works with SAML, please see this article.
The remainder of this guide is focused on enabling you to configure both Base-B and Okta to get provisioning up and running for your organization.
Contents
Features
Requirements
Configuration Steps
Known Issues/Troubleshooting
Features
The following provisioning features are supported:
IdP-initiated SSO: Identity Provider-initiated Single Sign-On. A single sign-on operation that was started from the IdP Security Domain. The IdP federation server creates a federation SSO response and redirects the user to the SP with the response message and an optional operational state.
Requirements
SAML single sign-on are only available to paying customers.
Configuration Steps
Configure single sign-on as follows.
Enable single sign-on functionality
In Okta
In the OKTA administrative panel, in Applications > Applications, browse the app catalog and search for the "Base-B" app. After finding it, select the application and click "Add Integration"
In General Settings, fill in the Base URL field with the value "https://api.baseb.app" for the production environment or "https://api.baseb.xyz" for the homologation environment, and click "Done".
In the OKTA administrative panel, in Applications > Applications, access the Base-B application recently added and go to the "General" tab.
In the "App Embed Link" area, copy your company's Okta url, this value will be used later:
In the "Sign On" tab of the Base-B application in Okta, view and copy the certificate (only the content of the ds:X509Certificate tag), this value will be used later:
In Base-B
In Settings > Integrations > Applications, enable the Okta integration:
Fill in the fields according to the information previously obtained and set the audience field to the value "baseb", see the example in the following image:
That's it, the integration with Okta is complete.
Known Issues/Troubleshooting
If you have questions or difficulties with your Base-B/Okta SSO integration, please contact Base-B support via suporte@baseb.com.br
Updated on: 09/05/2023
Thank you!