Configure Tenfold to use Okta as an identity provider utilizing SAML
Overview: This article provides a walkthrough for configuration Okta as an identity provider for Tenfold with SAML.
Configuration instructions
In Okta Admin console click the Applications Tab and select Applications again from the drop-down menu(The same action can be performed by using the Add Applications shortcut on the Dashboard Tab).
In the Apps Store select Create New App.
Select “Web” for the Platform and “SAML 2.0” for the Sign on Method; then click Create.
It is required to set the Name of the app(you can select something with your company name and Tenfold to be clear).
The Logo, Visibility, and type settings can be left alone(a Tenfold Logo is provided below, which you can use to help clarify for your Tenfold Users they are using the correct app). App visibility can be configured to your preference.
On Step 2 for creation of our SAML Integration, set the following:
Single sign on URL: https://dashboard.tenfold.com/corporate-login/callback
Select the "Use the SSO URL for Recipient and Destination URL" checkbox
Audience URI: sso.tenfold.com
Name ID format: EmailAddress
Application username: Okta username
Update application username on: Create and update
Add Another Attribute Statement and set the two to have the name/value pairings:
{(firstName, user.firstName),(lastName, user.lastName)}Note
Attribute Statements are Optional, BUT we need these set to create users in Tenfold with the same name they have in Okta. The same goes for the name format but we leave that as Unspecified. Failure to configure Email, firstName, and lastName may result in user profiles being generated incorrectly or inconsistently with the connected CRM
Click Next.
For step three you can select “I’m an Okta customer adding an internal app” and provide the feedback to Okta if you would like to assist. Once complete we can click the Finish Button.
Now that we are complete you can download your sign on metadata for configuring Okta on the Tenfold end from this location. If you click this option and are brought to a new webpage instead of downloading an XML file that is fine the webpage is the XML file. Save the XML page through your browser and we will upload this on the Tenfold end later.
XML webpage example:
All we have left to do now on the Okta end is assign people to use the Tenfold SSO Application. Click on the Assignments Tab for the Tenfold Application and select the Assign drop down button. from here you can select to assign people or groups. For purposes of this article let's elect to “Assign to People.”
In the popup window you can assign the People you create to the application then select Done.
Select the General Tab of the Tenfold App; here you can set the App Settings. The only configurations you need to set are the Auto-launch so you don’t have to click again on the Okta Dashboard to login to Tenfold after Okta sign on and verify for 2 Factor Authentication (if you don’t mind the extra click you can skip this step). Click the edit option on the App Settings Panel.
Here we can select the auto-launch checkbox and even change the Application name if we like. Once complete click on the save button at the bottom right of the panel.
Log in to the Tenfold dashboard, navigate to the SSO feature configuration page and click the red disabled button in the upper right hand corner to Enable the Feature to configure the feature to work.
All we have to do to configure SAML is upload the file we downloaded on step #7 by clicking the “+Upload file” button and add the Domain we want to use for corporate login(its best to use the name of the organization).
Click the save option and you are ready to use Okta to authenticate to Tenfold. The below gif demonstrates the login flow:
(Note: Okta Verify will handle multi-factor authentication. Please click on the hyperlink to discover how Okta will handle the multi-factor Authentication with Okta Verify.)
