Okta Configuration

Here is how to set up a SAML application in Okta:

1. Log in to your Okta organization as a user with administrative privileges. 
2. Click on the Admin button on top-right.
3. Click on the Add Apps option visible on your right-side.
4. Click on the Create New App button.
5. In the dialog that opens, select the SAML 2.0 option, then click the Create button 
6. On the General Settings page, enter the application name, for e.g. Celoxis in the App name field, then click the Next button. 
7. For Configure SAML step, enter the following details:
   1. Single sign on URL: This is the ACS URL you will get from Celoxis
   2. Audience URI (SP Entity ID): For SaaS users, enter: https://app.celoxis.com
                                                     For On-Premise users, this will be the URL of your application.
   3. Name ID format: EmailAddress.
      
      
8. Click Next.
9. In Feedback step, select “I’m an Okta customer adding an internal app”, and “This is an internal app that we have created,” then click Finish.
10. The Sign On section of your newly created application click on View Setup Instructions. A new tab opens with the details you need to enter in Celoxis. 
11. On the People section of the application and then click on the “Assign to People” button. Select the required users and click on Done.

You are now ready to configure SSO in Celoxis. The information in the tab you opened in step 10 contains the information that you’ll need to enter in Celoxis.

Common Errors

1. Issue:  You are still prompted for credentials after clicking on Connect via SSO and entering SSO credentials.
   Solution: You have entered the ACS URL / Single sign on URL in Okta incorrectly.
    
2. Error Message: Sorry, you can't access <app name> because you are not assigned this app in Okta.
   Solution: The user who is trying to login via SSO is not assigned to the app created in Okta. Follow the step 11 mentioned above for adding the user(s) to this app.