Okta - Identity and Access Management

The following guide shows how to configure Okta as a SAML identity provider for Veezoo.

Create an enterprise application

1. Log into Okta.

2. In the sidebar, navigate to Applications then to Applications. Click on Create App Integration.

3. Chose the option SAML 2.0

4. Enter a name for the application and click on Next

5. Configure SAM

• Set Single sign-on URL to https://<subdomain>.app.veezoo.com/saml/callback where <subdomain> is your Veezoo-subdomain.

• Set Audience URI (SP Entity ID) to https://veezoo.com/saml

Scroll further down.

6. (optional) Configure Attribute Statements and Group Attribute Statements. This is additonal information about the user that will be shared with Veezoo. When configuring Veezoo later, this information can be used, to automatically set usernames, set group memberships (which then can be used to assign roles e.g.), etc.

The following is simply an example, values and filters (probably) will differ in your usecase.

Scroll down and and click on Next

7. Give feedback and click on Finish

Configure Veezoo

Configure and enable single sign-on in Veezoo Admin according to the documentation.

You can find the Entity Provider Metadata here:

1. In the Okta-sidebar, navigate to Applications then to Applications. Click on your newly created veezoo application (or what you called it).

2. Click on Sign On and copy the Metadata URL

3. Paste this URL into your browser. You can now copy and paste the displayed text into Veezoo as Entity Provider Metadata

Provide access to users

Access for people

1. In the sidebar, navigate to Directory then to People. Click on the person you want grant access to Veezoo.

2. Click on Assign Applications and select Veezoo

Access for groups

1. In the sidebar, navigate to Directory then to Groups. Click on the group you want grant access to Veezoo.

2. Select Applications and click on Assingn applications. Select Veezoo.