We assume you have already set up Okta as your Identity Provider.
1 – Log in to your Admin dashboard at Okta. Select the Applications tab and then Add Application.
2 – Select Create New App and select a Web app with SAML 2.0 sign-on.
3 – Name your app Tribal Habits and move to the Configure SAML page.
4 – Log in to your Tribal Habits platform and switch to Admin view. Go to the Account area and select Configure SAML. Copy your Single Sign On URL from the panel on the right. It will look like https://myorg.tribalhabits.com/saml/auth or similar.
5 – Return to Okta and the SAML Settings screen. Paste the Tribal Habits URL into both the ‘Single sign on URL’ and ‘Audience URI (SP Entity ID)’ fields.
6 – Scroll down to the Attribute Statements and create four attributes as follows. Match your Okta values to the four required attributes. Note that the Name values are case-sensitive, so enter them exactly as shown.
- Name: UserName. Value: The unique user login ID field in Okta (e.g. login)
- Name: Email. Value: The user email field (e.g. email)
- Name: FirstName. Value: The user’s first name field (e.g. firstName)
- Name: LastName. Value: The user’s last name field (e.g. lastName)
7 – Download a copy of your Okta certificate from this screen. Then select Next to save the new application. You will see a warning to view SAML 2.0 set-up instructions. Click that link.
8 – Return to the Configure SAML page in Tribal Habits and copy data from the Okta set-up page as follows.
- Check the box to ‘Enable’ SAML.
- Paste your Okta Identity Provider Issuer URL into the ‘Identity Provider Entity ID’ field.
- Paste your Okta Identity Provider Single Sign-On URL into the ‘Identity Provider SSO URL’ field.
- Paste your Okta X.509 certificate, including the BEGIN and END certificate lines, into the ‘Identity Provider x.509 Certificate’ field.
9 – Select Update SAML Configuration.
At this point your SAML set-up is complete. Once you assign users to your new Tribal Habits app in Okta, your users can access the app from their dashboard and will be logged directly into Tribal Habits.
If you need to troubleshoot your SAML settings but can no longer access your portal, you can log in with your Tribal Habits user details at yourorganisation.tribalhabits.com/accounts/sign_in_without_sso
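A troubleshooting check for the settings in steps 5 and 6, added here as an example (it is not Tribal Habits or Okta code): it reads a base64-decoded SAML response captured from your own test login and reports a wrong Destination or Audience and any missing or mis-cased attribute names. The function name, the sample response and its user values are constructed for illustration, and the script checks configuration only; it does not verify the response signature.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
REQUIRED = ("UserName", "Email", "FirstName", "LastName")  # names from step 6

def check_response(xml_text, sso_url):
    """List configuration problems in a decoded SAML response (no signature check)."""
    root = ET.fromstring(xml_text)
    problems = []
    # Step 5: one URL serves as both 'Single sign on URL' and 'Audience URI'.
    if root.get("Destination") != sso_url:
        problems.append(f"Destination is {root.get('Destination')!r}, expected {sso_url!r}")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if sso_url not in audiences:
        problems.append(f"Audience is {audiences!r}, expected {sso_url!r}")
    # Step 6: collect attribute names exactly as sent, then compare case-sensitively.
    values = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        value = attr.find("saml:AttributeValue", NS)
        values[attr.get("Name") or ""] = (value.text or "").strip() if value is not None else ""
    by_lower = {name.lower(): name for name in values}
    for name in REQUIRED:
        if name in values:
            if not values[name]:
                problems.append(f"attribute {name!r} is empty")
        elif name.lower() in by_lower:
            problems.append(f"attribute {by_lower[name.lower()]!r} should be {name!r} (case-sensitive)")
        else:
            problems.append(f"attribute {name!r} is missing")
    return problems

# Constructed sample: 'email' is mis-cased and LastName was never added in Okta.
SSO_URL = "https://myorg.tribalhabits.com/saml/auth"
SAMPLE = f"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="{SSO_URL}">
 <saml:Assertion>
  <saml:Conditions><saml:AudienceRestriction><saml:Audience>{SSO_URL}</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement>
   <saml:Attribute Name="UserName"><saml:AttributeValue>jane</saml:AttributeValue></saml:Attribute>
   <saml:Attribute Name="email"><saml:AttributeValue>jane@example.com</saml:AttributeValue></saml:Attribute>
   <saml:Attribute Name="FirstName"><saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>"""

if __name__ == "__main__":
    print("\n".join(check_response(SAMPLE, SSO_URL)))
```

An empty list means the response matches the settings described in steps 5 and 6.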