Skip to main content

Setting up SSO with Okta

Rhombus Support
Updated

In this article below we will go over how to set up SSO with Okta via the Rhombus console and Okta console.

Okta SSO Options

Below is an image of the options offered for SSO in the Rhombus Console in the SSO section: Use Single Sign-On for Rhombus Console and Just-In-Time User Creation 

Screenshot

 

Recovery Users

  • A Recovery User is a user account in your organization which bypasses SAML once enabled. 
  • It is recommended to leave 2 Super User Accounts as Recovery Users when enabling SSO to ensure you have a method of logging and disabling SSO in the event SAML encounters errors.
• Enabling a user account as a Recovery User is done during the SSO configuration process.

• Any user with a Blue Checkmark will be a Recovery User

• When finished, select OK.

 ssoRecoveryUser.jpg

Setting up Okta with Rhombus is fast and easy.  Just follow the quick steps below.

Okta Setup

1. Navigate to the Applications tab on the right side of the home screen, and type 'Rhombus' into the search bar and select 'Rhombus Systems' (circled in red below)

mceclip1.png

2. On the next screen hit the add button (circled in red below)

mceclip2.png

3. On the next screen click the blue 'Done' button (circled in red below)

mceclip3.png

4. The Rhombus Systems application is pre-configured to pass Okta groups as part of the SAML assertion. In order to send user groups as part of the SAML assertion:

  • In Okta, select the Sign On tab for the Rhombus Systems app, then click Edit.

  • Select your preferred group filter from the roles dropdown list (the Regex rule with the value ".*" in order to send *all* groups to the Rhombus Systems instance we used in our example) for the attribute.

  • Click Save.

Snip20220811_147.png

5. Go to 'Assignments' tab (circled in blue below) and click on the 'Assign' button with the drop down icon and select the 'Assign to People' option

mceclip8.png

6. Select the user(s) you want to assign the rhombus app to by hitting the 'Assign' button:

mceclip9.png

Another popup will appear and you will need to hit 'Save and Go Back'

mceclip10.png

Lastly hit the blue 'Done' button at the main 'Assign Rhombus Systems to People' screen.

 

7. Click the 'Sign On' tab within the application window (circled in red below)

mceclip4.png

8. Scroll down the 'Sign On' tab and click on the 'Actions' button and then click on 'view IdP metadata' (Seen below)

Snip20220812_154.png

9. Copy the XML data in the tab that just opened up:

mceclip7.png

10. Right-click on the white part of the XML screen and select 'View Page Source' to change the format. It should look like this:

Screenshot

 

Next, copy and paste the XML data into the 'IDP MetaData XML' box below, then toggle the 'Use Single Sign-On' button at the top to turn it on, and then hit save in the upper right:

mceclip0.png

11. If you are adding a new user through Okta, you will then have to add the user in the Rhombus console and apply a role to the user. You can automate the process of adding users by setting up SCIM with Okta, to do that, check out this article How to configure SCIM 2.0 with Okta.

 

 

Congratulations! You have just added Okta SSO within your Rhombus Systems console!

 

Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or support@rhombus.com.

Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or sales@rhombus.com.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk