Chord OMS
...
Developer Tools
Authentication
Chord Platform and Okta SSO Integration
8min
Welcome to the Chord Platform SSO integration guide. This will cover the basic understanding of the integration of Okta and the SSO flow and go through the setup process step by step.
ļ»æ
- The user logs into IdP (e.g. Okta) dashboard and selects the Chord application.
- Okta servers request that the user authenticate the login.
- On success, the user is redirected to the data platform.
- The Chord data platform validates the session information from the IdP and logs the user in.
ļ»æ
- ACS URL: XXXXXXXXX
- Audience URI: XXXXXXXXX
Log intoĀ okta.comĀ and clickĀ Create App IntegrationĀ in theĀ ApplicationsĀ tab:
- SelectĀ SAML 2.0.
- In theĀ General SettingsĀ form, enter "Chord Hub".
- If integrating on the Chord data platform's staging instance, append" - Staging" to the name.
- The icon below can be downloaded and uploaded for the Chord application:
- ļ»æ
- In theĀ Configure SAMLĀ form, use these steps for the following fields:
- Single sign-on URL: Enter theĀ acs_urlĀ value from the Chord configuration.
- "Use this for Recipient URL and Destination URL"Ā should remain checked.
- "Use this for Recipient URL and Destination URL"Ā should remain checked.
- Audience URI (SP Entity ID): Enter theĀ audience_uriĀ value from theĀ Chord configuration.
- Default RelayState: This value can remain blank.
- " Name ID format: SelectĀ āEmailAddress".
- "Application username: Select āEmail"
- Attribute Statements: Create these two:
- Name:Ā firstName; Name format:Ā Basic; Value:Ā user.firstName
- Name:Ā lastName; Name format:Ā Basic; Value:Ā user.lastName
- ļ»æ
- There may be a feedback form on the next step, which can be ignored. Then click "Finish. "
1. Click theĀ View SAML setup instructionsĀ button on theĀ Sign OnĀ tab of your newly created Okta application:
ļ»æ
2. Send Chord the following values from the setup instructions page:
- Identity Provider Single Sign-On URL
- Identity Provider Issuer
- X.509 CertificateĀ (including theĀ BEGIN_CERTIFICATEĀ andĀ END_CERTIFICATEĀ lines)
On theĀ AssignmentsĀ tab under your application in Okta, assign the application to team members who should have access to it by clickingĀ Assign:
ļ»æ
The Okta user dashboard should show the Chord Application. Please test the integration by clicking the application to sign in to Chord.
Updated 14 May 2024
Did this page help you?