Skip to main content

Setting Up SSO with Okta

Support
Updated

Topics included in this article:

Overview

Single Sign-On is a way to sync sign-on across multiple applications, allowing you to log in to all applications with one user account and password.

Rhombus supports any SAML SSO (single sign-on) identity providers. This article covers how to configure SSO with Okta.

 

Single Sign-On Options

Single Sign-On (SSO) is a way to sync sign-on across multiple applications, allowing you to log-in to all applications with one user account and password.

1. Navigate to "Settings" and click "Single Sign-On."

Screenshot 2025-09-10 at 1.41.27 PM.png

 

2. Click the dropdown for "Single Sign-On" and select any of the options you wish to include.

  • Select specific users as "Recovery Users." We recommend selecting at least two.
  • Choose to enable Single Sign-On for the Rhombus Console and/or the Rhombus Key app.
  • Enable Just-In-Time User Creation if desired. Just-In-Time User Creation can be enabled to dynamically create a Rhombus user account matching the SSO login email the first time that user logs into the console.
Screenshot 2026-03-06 at 4.28.02 PM.png

 

Recovery Users

A Recovery User is a user account in your organization which bypasses SAML once enabled. 

Note: We recommend having at least two Super User Accounts as Recovery Users when enabling SSO to ensure you have a method of logging and disabling SSO in the event SAML encounters errors.

Enabling a user account as a Recovery User is performed during the SSO configuration process.

  1. Click the dropdown menu that reads "Select SSO Recovery Users."
  2. Click the checkbox beside the users you wish to set as Recover Users.
  3. Click "Save" when finished.
Screenshot 2026-03-06 at 4.44.07 PM.png

 

Okta Setup

1. Sign into your Okta account, navigate to "Applications," click "Browse App Catalog," and search "Rhombus." Select "Rhombus Systems."

Screenshot 2025-10-01 at 10.34.37 AM.png

 

2. Click "Add Integration."

Screenshot 2025-10-01 at 10.39.23 AM.png

 

3. Click "Done."

Screenshot 2025-10-01 at 10.40.22 AM.png

 

4. The Rhombus Systems application is pre-configured to pass Okta groups as part of the SAML assertion. To configure, follow these steps:

  • In Okta, select the "Sign On" tab for the Rhombus Systems app, then click "Edit."

Screenshot 2025-10-01 at 10.43.06 AM.png

 

  • Scroll down and select your preferred group filter from the "roles" dropdown list.
    • Example: Use the "Matches regex" rule with the value .* in order to send *all* groups to the Rhombus Systems for the attribute.

Screenshot 2025-10-01 at 10.45.55 AM.png

 

  • Scroll down and click "Save."

Screenshot 2025-10-01 at 10.49.29 AM.png

 

5. Navigate to the "Assignments" tab and click the "Assign" button with the dropdown icon.

Screenshot 2025-10-01 at 10.51.41 AM.png

 

  • Click "Assign to People."

Screenshot 2025-10-01 at 10.53.31 AM.png

 

6. Select the user(s) you want to assign the Rhombus app to by hitting the "Assign" button next to the desired user(s).

Screenshot 2025-10-01 at 11.00.29 AM.png

 

  • Another popup will appear. Keep the email address as the User Name and select "Save and Go Back."

Screenshot 2025-10-01 at 10.58.14 AM.png

 

  • Select "Done." 

Screenshot 2025-10-01 at 11.01.37 AM.png

 

7. Navigate back to the "Sign On" tab. 

Screenshot 2025-10-01 at 11.04.44 AM.png

 

8. Scroll down and click on the "Actions" button, then select "View IdP metadata."

Screenshot 2025-10-01 at 11.06.10 AM.png

 

9. Right-click on the page and select "View Page Source." This will change the format so the data can be properly copy and pasted. 

Screenshot 2025-10-01 at 11.08.09 AM.png

 

10. Highlight the entire page of XML data and copy. 
11. Paste the XML data into the "IDP MetaData XML" box below, then toggle the "Use Single Sign-On" button at the top to turn it on, and click "Save" in the upper right.

Screenshot 2025-10-01 at 11.16.51 AM.png

 

12. If you are adding a new user through Okta, you will then have to add the user in the Rhombus console and apply a role to the user. You can automate the process of adding users by setting up SCIM with Okta, to do that, check out this article Configure SCIM 2.0 with Okta.

 

Helpful Links

 

Contact Support or Sales

Have more questions? Contact Rhombus Support at +1 (877) 746-6797 option 2 or support@rhombus.com.

Interested in learning more? Contact Rhombus Sales at +1 (877) 746-6797 option 1 or sales@rhombus.com.

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk