Set up an Okta SSO configuration (Edify Console)
This article explains how to set up an Okta SSO configuration in Edify Console.
In this article
Single sign-on is initiated via the Edify application.
Install the Edify application via your Okta instance.
Part 1: Setting up Okta for Edify
Follow the steps below to get Okta set up to be an SSO provider for Edify.
Note: You must have administrator privileges in Okta to perform these steps.
1. Log into your Okta account.
2. From the administrator dashboard, navigate to Applications > Applications.
3. Click Browse App Catalog.
4. In the search bar, search for Edify.
a. A Matching search result should appear called "Edify".
b. Click the search result to begin adding the app integration to Okta.
5. Click Add Integration.
6. After clicking Add Integration, the integration is added to your Okta account. Navigate to the Sign On tab.
7. Make note of the following pieces of information (these will be required to make an API request):
a. Client ID
b. Client secret
8. While still on the Sign On tab, scroll down until you see an information modal that says “OpenID Connect is not configured until you complete the setup instructions.”
9. Click the OpenID Provider Metadata link to open a JSON file of configuration information.
The location of the client ID, client secret, and link to the OpenId Provider Metadata (which contains the issuer url)
10. A JSON document will open in a new tab or window.
a. Look for the first key:value pair with the key "issuer" (see the screenshot below)
b: Make note of the URL value, as this is also required along with the Client ID and client secret to make an API request.
The “issuer” key:value pair (annotated above) contains a URL you’ll need
when creating the auth provider with Edify API.
Part 2: Adding an auth provider with Edify API
The next step is to add a new authentication provider to Edify via Edify API (as there’s no menu in the user interface to accomplish this at this time).
You can use any tool you prefer for making API requests, but for the purposes of this article we will use Postman.
11. Use the Create Auth Provider route of Edify API to add an auth provider option to your organization's Edify account.
a. HTTP method: POST
b. URL: https://api.edify.cx/v4/authProviders/okta
c. Request body:
i. displayName: Used for identification in Edify. Can be any string.
ii. clientId: The Client Id collected in step 7.
iii. clientSecret: The Client Secret collected in step 7.
iv. issuer: The Issuer URL collected in Step 10.
12. Once you’ve sent the API request, you should receive the unique ID of the auth provider record as confirmation that the request was successful. You don’t need to do anything with this value; it simply indicates that the request was successful.
Edify API will return the ID of the auth provider upon successful creation.
You don’t need to do anything with this value; it simply indicates that the request was successful.
13. Log into Edify Console at console.edify.cx.
a. You can choose to either set your authentication provider for the whole account or for individual users.
b. To set authentication for the whole account:
i. Navigate to Account > Account Settings.
ii. In the Auth Provider field, choose your newly created Okta provider.
c. To set authentication for individual users:
i. Navigate to Account > Users > [User]
ii. In the Auth Provider field in the Basic container, choose your newly created Okta provider.
Part 3: User setup and testing
Now, we will look at how to set up a user for logging in with SSO via Okta in Edify.
14. In Okta, confirm that you have a user set up who’d log into Edify via SSO. Their email address should correspond to their email address in Edify.
In the screenshot above, Bennie Franks’ email address in Okta is the same as in Edify.
This is the email he’ll use to sign into Edify via Okta.
15. Click on the user you'd like to configure.
16. Click the Assign Applications button.
17. A list of your applications in Okta should appear in a list. Locate Edify and click Assign.
18. Next, confirm that you've either:
a. Set Okta as the account-wide authentication method (see step 13 b)
b. Configured your user in Edify COnsole to use Okta as their authentication method (see step 13 c)
Part 4: Log in to Edify with Okta
The final step is to test the configuration log in to Edify with Okta.
20. Enter the email address of the user configured for SSO.
21. After providing the login email, your browser will redirect you to an Okta sign-on page. Enter your Okta password and follow any other instructions (like two-factor authentication) to log into Edify.