Article

    How to set up SSO

    2 min read
    Last updated 19 months ago

    Overview The objective of this document is to provide the necessary details to integrate Okta with your Everyspace account. Okta integration provides seamless SSO that automatically creates users in your Everyspace dashboard when they log in with their Okta credentials. If you have any questions, please reach out to your onboarding representative.

    Supported features Service Provider (SP)-Initiated flow

    Identity Provider (IDP)-Initiated flow

    Just-In-Time Provisioning

    Full directory sync

    Getting started From the "Applications" tab, click "Create App Integration".

    From the provided sign-in method options, choose "OIDC - OpenID Connect". This will allow you to select an application type. Choose "Web Application" and click Next.

    On the new page, fill out the application name, for example "Everyspace".

    For Grant Type, make sure "Authorization Code" is checked.

    Enter the Sign-in redirect URI. This is based on the subdomain associated with your account. For example, if you access your dashboard through "piedpiper.everyspacehq.com", enter https://piedpiper.everyspacehq.com/__/auth/handler.

    Enter the Sign-out redirect URI. This is also based on the subdomain associated with your account. For "piedpiper.everyspacehq.com" this would be https://piedpiper.everyspacehq.com/logout.

    Leave the Trusted Origins section blank.

    Under Assignments, you have the option to enable Everyspace for everyone in your organization or limit access to certain users. This can also be skipped for now and configured later.

    Click Save.

    (Optional) After saving, you will have the ability to enable Identity Provider Initiated Login. Click "Edit" in the General Settings section and scroll down to the Login section. Change "Login initiated by" from "App Only" to "Either Okta or App". Check off the "Application visibility" options you want to enable for your users. Set "Login flow" to "Redirect to app to initiate login (OIDC Compliant)". The "Initiate login URI" is also based on the subdomain associated with your account. For "piedpiper.everyspacehq.com" this would be https://piedpiper.everyspacehq.com/login/okta-oidc.