Using this guide, will help you integrate MontyCloud DAY2™ platform with Okta.
When you integrate DAY2™ platform with Okta, you can:
Before you begin
Configure SSO in DAY2™
Let us start with configuring Okta in DAY2™ by logging to MontyCloud DAY2™ portal. you need to have cloud admin permissions for your DAY2™ organization
Note: DAY2 SAML Metadata is required for app integration in Okta
Let us now switch to the Okta Portal and start DAY2 app integration in Okta
Add MontyCloud DAY2™ app in Okta
To learn more about SaaS app integration with Okta checkout Create SAML app integrations using AIW | Okta
Sign into Okta portal with an account that has admin privileges
In the Admin Console, go to Applications > Applications
- Click Create App Integration
Select SAML 2.0 as the Sign-on method, click Next
5. Enter MontyCloud DAY2™ in App Name, you can upload our logo (optional)
6. We don't support IDP initiated logins in this release hence unselect "Do not display application icon to users" and Click Next
7.In Configure SAML -> A. SAML Settings -> General, uncheck "Use this for Recipient URL and Destination URL"
8. Enter the DAY2™ SAML Metadata from step 5 in Configure Okta SSO in DAY2 using the property mapping below
Single Sign-On URL
|Destination URL||Reply URL|
|Recipient URL||Sign-On URL|
|Audience URI (SP Entity ID)||Entity ID|
9.Select Email for "Application username"
10. In "Advanced settings" accept all the default settings unless your organization has different policies
11. Now in "Attributes Statements (Optional)" add the following and then click on Next once added
12. In "Feedback" Select I'm an Okta customer adding an internal app and Click Finish
13. Now go to Sign On tab and Click View SAML setup instructions. Copy the content under "Optional" and save it as XML file
Okta XML metadata is required while configuring SSO in DAY2™
User and Group Assignments
using the Assignments->Assign, make sure to add all the users and groups that need to access DAY2™ platform
Configure DAY2™ SSO
5. Next, if cloud Admin would like to set a default Role and Scope (DAY2™ Projects) for all their new incoming federated users intoPlatform then can choose to do so otherwise, leave this option as No. Click Save & Continue
Enable SSO in DAY2™
Once you have completed all the above steps, Single Sign-On Configuration has been completed in both DAY2™ (SP) and the Identity Provider (Okta).
When you are ready to accept Single-Sign On users, you can enable the newly created SSO configuration by clicking on the toggle button Enabled, then click Enable on the pop window
Congratulations!!! You are all set with Single Sign-On access to MontyCloud DAY2™ platform.