Chord OMS
...
Developer Tools
Authentication
Chord Hub and Okta SSO Integration
8min
Welcome to the Chord Hub SSO integration guide. This will cover the basic understanding of the integration of Okta and the Hub SSO flow and go through the setup process step by step.
- The user logs into IdP (e.g. Okta) dashboard and selects the Chord Hub application.
- Okta servers request that the user authenticate the login.
- On success, the user is redirected to the Hub.
- The Chord Hub validates the session information from the IdP and logs the user in.
- ACS URL: XXXXXXXXX
- Audience URI: XXXXXXXXX
Log into okta.com and click Create App Integration in the Applications tab:
- Select SAML 2.0.
- In the General Settings form, enter "Chord Hub".
- If integrating on the Hub's staging instance, append" - Staging" to the name.
- The icon below can be downloaded and uploaded for the Hub application:
-
- In the Configure SAML form, use these steps for the following fields:
- Single sign-on URL: Enter the acs_url value from the Chord configuration.
- "Use this for Recipient URL and Destination URL" should remain checked.
- "Use this for Recipient URL and Destination URL" should remain checked.
- Audience URI (SP Entity ID): Enter the audience_uri value from the Chord configuration.
- Default RelayState: This value can remain blank.
- " Name ID format: Select ”EmailAddress".
- "Application username: Select “Email"
- Attribute Statements: Create these two:
- Name: firstName; Name format: Basic; Value: user.firstName
- Name: lastName; Name format: Basic; Value: user.lastName
-
- There may be a feedback form on the next step, which can be ignored. Then click "Finish. "
1. Click the View SAML setup instructions button on the Sign On tab of your newly created Okta application:
2. Send Chord the following values from the setup instructions page:
- Identity Provider Single Sign-On URL
- Identity Provider Issuer
- X.509 Certificate (including the BEGIN_CERTIFICATE and END_CERTIFICATE lines)
On the Assignments tab under your application in Okta, assign the application to team members who should have access to it by clicking Assign:
The Okta user dashboard should show the Chord Hub Application. Please test the integration by clicking the application to sign in to the Chord Hub.