Topics included in this article:
- Okta Custom App Creation
- Okta Custom App SSO Setup
- Okta Custom App SCIM Setup
- Creating Groups
- Linking Existing Groups
- Creating Roles
- Helpful Links
- Contact Support and Sales
Okta Custom App Creation
1. First, navigate to applications and select "new app integration."
2. Create a new app integration, select SAML 2.0, and click "Next."
3. Provide an app name and click "Next."
Okta Custom App SSO Setup
1. After providing the app name and clicking "Next," you'll be directed to the "Create SAML Integration" page.
2. First, provide the SSO URL: https://console.rhombus.com/saml/SSO.
3. Provide the SP Entity ID, which can be found in the console by navigating to Settings > Single Sign-On > SSO > SP Entity ID.
4. Set the "Name ID Format" to "EmailAddress."
5. Select "I am an Okta Customer," then click "Finish."
6. Scroll down to "SAML Signing Certificates," click "Actions," and select "View IdP metadata."
7. You will be directed to a page displaying metadata. Copy the provided metadata.
8. After copying the metadata, log in to the Rhombus Console, navigate to "Settings," click "Single Sign-On," click the "Single Sign-On" dropdown menu, and enable the "Use Single Sign-On for Rhombus Console" toggle. Paste the copied metadata into the IDP MetaData XML box, and click "Save."
9. After completing this step, you have successfully set up SSO for the custom app and can begin setting up SCIM.
Okta Custom App SCIM Setup
1. Navigate to your Okta custom app, select the "General" tab, and click "Edit" on the app settings page.
2. Select SCIM for provisioning. Once complete, click "Save."
3. Select "Provisioning," and click "Edit."
4. On the "Supported provisioning actions" line, select "Push New Users," "Push Profile Updates," or "Push Groups," and on the "Authentication Mode" drop-down, select "HTTP Header."
5. In the Rhombus Console, navigate to "Settings," and click "Single Sign-On." In the "SCIM" dropdown menu, click "Setup," and copy the "Token" string.
6. Once copied, add the token string in the "Authorization" field in the Okta Console.
7. Copy the "Endpoint URL" above the Token and add it to the "SCIM Connector base URL" field.
8. For the "Unique identifier field for users," enter "email."
9. Once complete, click "Test Connector Configuration," and a checkmark should appear next to "Create Users," "Update User Attributes," and "Push Groups." Next, click "Save."
10. On the next page, click "Edit," and enable "Create Users," "Update User Attributes," and "Deactivate Users."
11. You can either create groups in Okta that will push over to the Rhombus Console or link groups already created in the Rhombus Console over to Okta.
Creating Groups
1. Navigate to the directory on the left selection bar and select "Groups."
2. Select "Add Group" and give the group a name.
3. Select "People" from the header, then select "Assign People," and choose which users should be assigned to the group.
4. Navigate to "Applications" on the left selection bar, select "Push Groups" from the header, and type in the created group. Select the group, and click "Save."
Linking Existing Groups
1. To link existing groups, follow the first steps from the Creating Groups section and make sure to type in the same name as the group you wish to link in the console.
2. Type in the linked group name, select "Link Group" and click "Save."
Creating Roles
1. Once your push groups are active, navigate to "Provisioning," select "Profile Editor," and click "Add Attribute." Variable name is a required field.
   External namespace: urn:ietf:params:scim:schemas:core:2.0:User
2. Click "Save," navigate back to the application, and click "Assignments." The role can then be assigned to an individual or a group.
3. At the bottom of the page in the "Roles" section, type in the role name that matches the existing role in the console. Click "Save" when finished.
Helpful Links
Contact Support and Sales
Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or support@rhombus.com.
Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or sales@rhombus.com.