If your team uses Okta for identity management, you can easily integrate it with Harvestr for a seamless login experience. This article will guide you through the setup process and explain how it benefits your team.
Prerequisites
All you need is the following:
a Harvestr Enterprise subscription and an account with Editor rights
Administrator access to Okta
Seting up SSO with Okta
1. Open Okta and Select Applications in the Applications menu.
โ
2. Click Create App Integration and select SAML 2.0
3. Give your app a name, like Harvestr SSO.
4. Go to the SAML SSO section of your Harvestr organization settings. Copy your ACS URL and Entity ID and paste them into the Single sign-on URL and Audience URI (SP Entity ID) fields in Okta, respectively.
5. In the Attribute Statements section of Okta, configure the following two mappings:
Name | Value |
first_name | user.firstName |
last_name | user.lastName |
Group Attribute Statements cannot be configured for now.
Select Next at the bottom to finish creating the Application.
6. To finish the setup, go to the Sign On tab of the Application in Okta and select View SAML setup instructions at the bottom of the About section on the right.
7. Copy the IDP metadata.
8. Return to the SAML SSO section of your Harvestr organization settings. Click on Enable and force SAML authentication for your organization.
Paste the IDP metadata from step 8 and select Enable and force SAML authentication.
9. Now, you can assign the Application to People and Groups in Okta.
Let teammates join your Harvestr organization with SAML SSO
Once you have set up the Okta SAML SSO, your teammates must sign into Harvestr with their Okta SSO login instead of email and password.
To have teammates join your Harvestr organization with SAML SSO, you have the following options:
invite them by email from the invites settings in Harvestr
share your organization's invite link, which can also be found in the invites settings.