In this article below we will go over how to set up SSO with Okta via the Rhombus console and Okta console.
Okta SSO Options
Below is an image of the options offered for SSO in the Rhombus Console in the SSO section: Use Single Sign-On for Rhombus Console and Just-In-Time User Creation
- A Recovery User is a user account in your organization which bypasses SAML once enabled.
- It is recommended to leave 2 Super User Accounts as Recovery Users when enabling SSO to ensure you have a method of logging and disabling SSO in the event SAML encounters errors.
|• Enabling a user account as a Recovery User is done during the SSO configuration process.
• Any user with a Blue Checkmark will be a Recovery User
• When finished, select OK.
Setting up Okta with Rhombus is fast and easy. Just follow the quick steps below.
1. Navigate to the Applications tab on the right side of the home screen, and type 'Rhombus' into the search bar and select 'Rhombus Systems' (circled in red below)
2. On the next screen hit the add button (circled in red below)
3. On the next screen click the blue 'Done' button (circled in red below)
4. The Rhombus Systems application is pre-configured to pass Okta groups as part of the SAML assertion. In order to send user groups as part of the SAML assertion:
In Okta, select the Sign On tab for the Rhombus Systems app, then click Edit.
Select your preferred group filter from the roles dropdown list (the Regex rule with the value ".*" in order to send *all* groups to the Rhombus Systems instance we used in our example) for the attribute.
5. Go to 'Assignments' tab (circled in blue below) and click on the 'Assign' button with the drop down icon and select the 'Assign to People' option
6. Select the user(s) you want to assign the rhombus app to by hitting the 'Assign' button:
Another popup will appear and you will need to hit 'Save and Go Back'
Lastly hit the blue 'Done' button at the main 'Assign Rhombus Systems to People' screen.
7. Click the 'Sign On' tab within the application window (circled in red below)
8. Scroll down the 'Sign On' tab and click on the 'Actions' button and then click on 'view IdP metadata' (Seen below)
9. Copy the XML data in the tab that just opened up:
10. Right-click on the white part of the XML screen and select 'View Page Source' to change the format. It should look like this:
Next, copy and paste the XML data into the 'IDP MetaData XML' box below, then toggle the 'Use Single Sign-On' button at the top to turn it on, and then hit save in the upper right:
11. If you are adding a new user through Okta, you will then have to add the user in the Rhombus console and apply a role to the user. You can automate the process of adding users by setting up SCIM with Okta, to do that, check out this article How to configure SCIM 2.0 with Okta.
Congratulations! You have just added Okta SSO within your Rhombus Systems console!
Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or email@example.com.
Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or firstname.lastname@example.org.