If you are using Okta for single sign-on(SSO) within your organization and would like to integrate that with ConcealBrowse you may do so. This article will outline the steps you need to take in the Conceal Dashboard.
- ConcealBrowse V3+
Before you begin
- You can only set SSO up with one domain and use that domain to login (ex: if you set it up with @example.com, only @example.com domains will be allowed via SSO, no variations such as @examples.com would be allowed)
- You need to be logged into the Conceal dashboard with the same domain you plan to set up with SSO (Ex: email@example.com would need to be logged in to upload the data to the Conceal dashboard. firstname.lastname@example.org would not work if you are configuring the SSO for email@example.com)
- Conceal currently only supports SP initiated login flows
- In your browser, navigate to the the Conceal dashboard located at https://dashboard.conceal.io/, log in if necessary.
- Click on the section labeled Settings in the left hand menu.
- Click the dropdown arrow on the right next to SAML Single Sign On and choose the option labeled Okta.
- Here you will see some information provided by Conceal that you will need when enabling SSO in Okta: Single Sign On URL & Audience URI (SP Entity ID). You can copy these values by clicking the blue clipboard to the right.
If you need assistance with enabling SSO in Okta, following the instructions here: https://aws.amazon.com/premiumsupport/knowledge-center/cognito-okta-saml-identity-provider/
- Below that you will see a section labeled Attribute Mappings. This is also information that may be needed when enabling SSO in Okta. You can copy these values by clicking the blue clipboard to the right.
- Once you have created the application, assign users to the application.
- Download the SAML IDP metadata from the button labeled View SAML Setup Instructions.
- Then you need to upload the SAML IDP metadata that you downloaded in step 7 into the Conceal dashboard. You can copy and paste this into the area or you may upload it by clicking the button labeled Upload SAML Data.
- Once the SAML Metadata is uploaded, click the button labeled Configure SSO Provider.
You should now have Okta integrated with ConcealBrowse!
Note: As of now, even though SSO has been integrated, each employee will still have to login to the extension the first time to be authenticated.
*Never hesitate to contact your Customer Success Manager for any questions or concerns. You may also open a support ticket at support.conceal.io by scrolling to the bottom and clicking Submit a request.