Skip to main content

Setting up SSO with Okta

Rhombus Support
  • Updated

In this article below we will go over how to set up SSO with Okta via the Rhombus console and Okta console.

Okta SSO Options

Below is an image of the options offered for SSO in the Rhombus Console in the SSO section. Currently only the 'Use Single Sign-on' and 'Just In-Time User Creation' work for Okta. The option of 'Add Users on Role Mismatch' currently does not function properly.

Snip20220815_155.png

 

Recovery Users

  • A Recovery User is a user account in your organization which bypasses SAML once enabled. 
  • It is recommended the leave 2 Super User Accounts as Recovery Users when enabling SSO to ensure you have a method of logging and disabling SSO in the event SAML encounters errors.
• Enabling a user account as a Recovery User is done during the SSO configuration process.

• Any user with a Blue Checkmark will be a Recovery User

• When finished, select OK.

 ssoRecoveryUser.jpg

Setting up Okta with Rhombus is fast and easy.  Just follow the quick steps below.

Okta Setup

1. Navigate to the Applications tab on the right side of the home screen, and type 'Rhombus' into the search bar and select 'Rhombus Systems' (circled in red below)

mceclip1.png

2. On the next screen hit the add button (circled in red below)

mceclip2.png

3. On the next screen click the blue 'Done' button (circled in red below)

mceclip3.png

4. The Rhombus Systems application is pre-configured to pass Okta groups as part of the SAML assertion. In order to send user groups as part of the SAML assertion:

  • In Okta, select the Sign On tab for the Rhombus Systems app, then click Edit.

  • Select your preferred group filter from the roles dropdown list (the Regex rule with the value ".*" in order to send *all* groups to the Rhombus Systems instance we used in our example) for the attribute.

  • Click Save.

Snip20220811_147.png

5. Go to 'Assignments' tab (circled in blue below) and click on the 'Assign' button with the drop down icon and select the 'Assign to People' option

mceclip8.png

6. Select the user(s) you want to assign the rhombus app to by hitting the 'Assign' button:

mceclip9.png

Another popup will appear and you will need to hit 'Save and Go Back'

mceclip10.png

Lastly hit the blue 'Done' button at the main 'Assign Rhombus Systems to People' screen.

 

7. Click the 'Sign On' tab within the application window (circled in red below)

mceclip4.png

8. Scroll down the 'Sign On' tab and click on the 'Actions' button and then click on 'view IdP metadata' (Seen below)

Snip20220812_154.png

9. Copy the XML data in the tab that just opened up:

mceclip7.png

10. Paste the XML data into the 'IDP MetaData XML' box below, then toggle the 'Use Single Sign-On' button at the top to turn on, and then hit save in the upper right:

mceclip0.png

11. After adding the user in the Okta account to the Rhombus App. You will then have to add the user in the Rhombus console and apply a role to the user. This will now give the user the ability to log into from the Okta application.

Congratulations! You have just added Okta SSO within your Rhombus Systems console!

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk