Start using Okta as a identity provider for Corporategift.com
Creating an application in Okta
To start using Okta as identity provider for Corporategift.com, you need to create an application in Okta admin dashboard. This process is well described in the official documentation - https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/#oidc-customer-org-credentials . Please follow the steps included in documentation but also take a look at our detailed configuration requirements.
- Sign in to your developer-edition Okta org as a user with administrative privileges.
- Go to Applications > Applications in the Admin Console.
- Click Create App Integration.
- Select SAML 2.0 in the Sign-in method section.
- Click Next.
- On the General Settings tab, enter corporategift.com and optionally upload our logo (download first here: https://cf.corporategift.com/media/personalize/julK6SiHxWOVa4zo1q1ySAYBhF5Y9qUKpgvtOsMB.png ) . You can also choose to hide the integration from your end user's Okta dashboard or mobile app. Click Next.
- On the Configure SAML tab:
- The Single sign on URL field, should match the pattern: https://api.corporategift.com/api/sso/{companyname}/acs.
For example, if we our a company is named on corporategift* “PizzaTime”, the URL should be https://api.corporategift.com/api/sso/pizzatime/acs .
* if you are not sure whats the exact name of the company on corporategift ask your customer success manager or sales rep. Please note that the above URLs are case-sensitive.
- The Single sign on URL field, should match the pattern: https://api.corporategift.com/api/sso/{companyname}/acs.
- Audience URI (SP Entity ID) should follow a similar pattern as above, but URL is a little different - https://api.corporategift.com/api/sso/{companyslug}/metadata. In this case Audience URI for “PizzaTime” company should be https://api.corporategift.com/api/sso/pizzatime/metadata .
- Default RelayState - keep blank
- Name ID format and Application username fields should be set as below.
- Attribute Statements section (described as optional) is required from our perspective and should be configured as below.
- Group Attribute Statements (optional) - keep empty
After finishing the application creation process, please make sure to assign users so they can start using prepared integration. Assigning user process is also well described in the documentation - https://developer.okta.com/docs/guides/build-sso-integration/saml2/main/#assign-users .
Provide us with the necessary data
To make it work, we need some data from your newly created application. Below we describe what data we need and where you can find it.
Select Applications from the left menu in the Okta admin dashboard and click on the name of the application that you recently created. Next, go to the Sign On tab and click the button View SAML setup instructions.
You will see a page with few important information and those which we need are Identity Provider Issuer and X.509 Certificate. Please provide us this data, so we can enable using Okta SSO to authenticate into Corporategift.com for your company.
Testing the integration
When you receive feedback from us that everything is ready on our side, then it’s time to test integration. Login to Okta as a simple user (not admin) and you should see the application you recently created - it should be visible in the My Apps section.
When you click on it, you should be redirected to Corporategift.com and logged in.
Additional information
If you’re looking for some help regarding managing users and your account in Okta, we recommend checking official documentation.
User management: https://help.okta.com/en-us/Content/Topics/users-groups-profiles/usgp-main.htm
Other topics: https://help.okta.com/