Skip to main content
All CollectionsAdministrationLocation AdministrationFederated Identity
Okta App OIDC Configuration Guide
Okta App OIDC Configuration Guide

Enhance security and streamline access with Xakia’s Okta OIDC integration for Single Sign-On (SSO)

Updated over a month ago

When the Xakia Okta app is configured for OIDC, Xakia users will be able to use Single Sign-On (SSO) via Okta when logging into Xakia.

Xakia recommends using Microsoft Okta SCIM federated identity if your organization supports it. If you want to utilize Okta SCIM functionality to manage Xakia users from Okta, please use this guide to configure Okta App SCIM after completing the Okta App OIDC setup.

The Okta App OIDC federated identity option requires an Okta system administrator to configure OIDC within Okta.

IMPORTANT: Before configuring Okta App OIDC federated identity using the steps below, it is highly recommended that you set up a Xakia Support Account at your Xakia location to ensure minimal downtime during your switch to Okta App SCIM federated identity.

Xakia Location Administrator access is required to set up Single-Sign-On. Please ensure that the member of IT managing Okta has a Xakia Location Admin user account setup. This account can be configured without Matter or Contract access and set up as non-billable by contacting Xakia Support.

Supported features

  • SP-initiated SSO

  • SP-initiated logout

See further instructions below under 'SP-initiated SSO Instructions'.

Step-by-step configuration instructions

Step 1: Xakia

  • In Xakia go to Admin > Settings > Users & Security > Federated Identity

  • Select Okta as the identity provider

  • Note the ‘Company ID’

Step 2: Okta

  • Browse the app catalog in Okta and search for Xakia and add the Xakia app

  • Select the Sign-On tab and press 'Edit'

  • Fill out ‘Company ID’ with the Company Id from Xakia as noted down in the previous step

  • Set the ‘Application username format’ to Email

  • Click 'Save'

  • Note down the ‘Client ID’ of the Okta Application

blobid2.png

Step 3: Complete Xakia Configuration

  • In Xakia go to Admin > Settings > Users & Security > Federated Identity

  • In Xakia under Federated Identity, fill out ‘Client Id’ with the Okta Client ID noted down in the previous step

  • Enter your Okta domain (e.g https://yourorg.okta.com) in the ‘Issuer URL’ field

  • Click 'Save'

mceclip0.png

Step 4: Configure users

Xakia offers two approaches for configuring users to login with SSO via Okta.

  1. Provision and manage users directly from Okta using SCIM provisioning (Recommended)

  2. Manually configuring users to login via Okta

Provision users from Okta

You can provision Xakia users directly from Okta SCIM. Only Xakia main application users need to be added - please do not add Internal client users. Internal client users will be automatically provisioned by accessing the Internal Client Portal directly.

Provision Xakia users directly from Okta SCIM

Note: Internal Client users must be assigned to the Xakia OIDC app in Okta to be automatically provisioned.

Manually Configure Users

  • In Xakia go to Admin > Settings > Users & Security > Federated Identity

  • Toggle on ‘Enable User Provisioning from Xakia’

  • Go to the Users tab and add/edit a user

  • Set Okta as their Identity Provider

SP-initiated SSO Instructions:

Set Up SSO: If you want to utilize Okta SCIM functionality to manage Xakia users from Okta, use this guide to configure Okta App SCIM.

Did this answer your question?