Integrate Okta with FileCloud
To integrate with the Okta browser plugin, please see Integrate with Okta using browser plugin.
When FileCloud is integrated with Okta, Okta is configured as an Identity Provider (IdP) and FileCloud acts as the Service Provider (SP).
To configure FileCloud with Okta:
- Log in to your Okta-issued URL, which has the format: https://yourdomain-admin.okta.com/admin/dashboard
- After successful login to Okta, go to Applications > Applications, and click Create App Integration.
- In the Create a new app integration screen, select SAML 2.0, and click Next.
- In the General Settings tab of the Create SAML Integration screen, enter a name for App name, and click Next.
- In the SAML Settings screen, set the values as follows:
- Set Single sign on URL to the FileCloud assertion URL http://<your domain>/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp
- Set Audience URI (SP Entity ID) to http://<your domain>/simplesaml/module.php/saml/sp/metadata.php/default-sp
- Set Default Relay State to http://<your domain>/auth/samlsso.php
Under Attribute Statements, the attribute names must match the names set in the FileCloud admin portal in Settings > SSO for Idp Username Parameter, Idp Email Parameter, Idp Given Name Parameter, and IDP Surname Parameter.
Set the Values for the Attribute Statements to the values shown in the screenshot.
- Click the Feedback tab of the Create SAML Integration screen, then select I'm an Okta customer adding an internal app, and click Finish.
- Go to the Sign On tab, and click View Setup Instructions to view FileCloud SSO configuration details.
A screen with information similar to the first image in the table below opens.
Use the details in this screen to configure the settings in the FileCloud admin portal's Settings > SSO screen and to create a saml.crt file.
Using the IDP Metadata text under Optional:
(1) Copy the entityID field from the text box into Idp Endpoint URL or EntityID in the FileCloud admin UI under Settings > SSO.
(2) Confirm that the text in the IDP Metadata box is the same as the text in Idp Meta Data in the FileCloud admin UI under Settings > SSO.
Click Download certificate, then copy the certificate file and rename it to saml.crt.
Copy the saml.crt file to the FileCloud server, into the following directory: <FileCloud WEB ROOT>/thirdparty/simplesaml/cert.
[Table of screenshots: Okta Setup Instructions | FileCloud SSO Settings]
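One way to script the check in steps (1) and (2) and confirm that saml.crt is the signing certificate published in the IDP Metadata. This is an added example, not FileCloud or Okta code; the function names and the sample metadata, entityID and certificate bytes are assumptions constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def pem_to_der(pem_text):
    """Decode the single PEM certificate expected in saml.crt."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if (len(lines) < 3 or lines[0] != "-----BEGIN CERTIFICATE-----"
            or lines[-1] != "-----END CERTIFICATE-----"):
        raise ValueError("saml.crt is not a single PEM certificate")
    return base64.b64decode("".join(lines[1:-1]), validate=True)

def parse_idp_metadata(xml_text):
    """Return (entityID, [DER signing certs]) from IdP metadata XML."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}EntityDescriptor" % NS["md"]:
        raise ValueError("not a SAML EntityDescriptor")
    certs = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use", "signing") != "signing":
            continue  # encryption-only key, not used to sign assertions
        for node in kd.findall(".//ds:X509Certificate", NS):
            certs.append(base64.b64decode("".join((node.text or "").split())))
    return root.get("entityID"), certs

def check_saml_crt(metadata_xml, saml_crt_pem):
    """Compare saml.crt with the signing certificate(s) in the metadata."""
    entity_id, md_certs = parse_idp_metadata(metadata_xml)
    fp = hashlib.sha256(pem_to_der(saml_crt_pem)).hexdigest()
    known = {hashlib.sha256(c).hexdigest() for c in md_certs}
    return {"entity_id": entity_id, "sha256": fp, "matches_metadata": fp in known}

# Constructed sample input: placeholder bytes and a made-up entityID, not Okta-issued.
SAMPLE_DER = b"constructed placeholder bytes, not a real X.509 certificate"
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_ENTITY_ID = "http://www.okta.com/EXAMPLE_ENTITY_ID"
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" entityID="{SAMPLE_ENTITY_ID}">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo xmlns:ds="{NS['ds']}"><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{SAMPLE_B64}\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    print(check_saml_crt(SAMPLE_METADATA, SAMPLE_PEM))
```

For a real check, pass the text of the IDP Metadata box and the contents of the saml.crt file you placed on the FileCloud server; a result with matches_metadata set to False means the file is not the certificate the metadata advertises.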
Now assign the Okta FileCloud integration to users so they can log in with Okta.
Click the Assignments tab in Okta.
In the Assign drop-down list, choose Assign to People.
A list of users who have both Okta and FileCloud accounts opens.
- Select users from the list to allow them to sign in to FileCloud using Okta.
Once the application is created and FileCloud is configured, you can start using single sign-on with Okta from FileCloud.
Log in to FileCloud using Single Sign-on with Okta
Users can sign in to the user portal or admin portal with SSO using Okta.
- In the FileCloud login screen, the user chooses Log in with SSO.
If the user is already logged in to Okta, they are automatically logged in to FileCloud.
If the user is not logged in to Okta, they are first redirected to the Okta sign-in page, and after signing in to Okta, they are immediately redirected to FileCloud and logged in.