When the Xakia Okta app is configured for OIDC, Xakia users will be able to use Single Sign-On (SSO) via Okta when logging into Xakia.
Supported features
SP-initiated SSO
SP-initiated logout
See further instructions below under 'SP-initiated SSO Instructions'.
Step-by-step configuration instructions
Step 1: Xakia
In Xakia go to Admin --> Settings --> Security --> Federated Identity
Select Okta as the identity provider
Note the ‘Company ID’
Step 2: Okta
Browse the app catalog in Okta and search for Xakia and add the Xakia app
Select the Sign-On tab and press 'Edit'
Fill out ‘Company ID’ with the Company Id from Xakia as noted down in the previous step
Set the ‘Application username format’ to Email
Click 'Save'
Note down the ‘Client ID’ of the Okta Application
Step 3: Complete Xakia Configuration
In Xakia go to Admin --> Settings --> Security --> Federated Identity
In Xakia under Federated Identity, fill out ‘Client Id’ with the Okta Client ID noted down in the previous step
Enter your Okta domain (e.g https://yourorg.okta.com) in the ‘Issuer URL’ field
Click 'Save'
Step 4: Configure users
Xakia offers two approaches for configuring users to login with SSO via Okta.
Provision and manage users directly from Okta using SCIM provisioning (Recommended)
Manually configuring users to login via Okta
Provision users from Okta
To provision Xakia users directly from Okta follow the SCIM configuration guide here. Only Xakia main application users need to be added - please do not add Internal client users. Internal client users will be automatically provisioned by accessing the Internal Client Portal directly.
Note: Internal Client users must be assigned to the Xakia OIDC app in Okta to be automatically provisioned.
Manually Configure Users
In Xakia go to Admin --> Settings --> Security --> Federated Identity
Toggle on ‘Enable User Provisioning from Xakia’
Go to the Users tab and add/edit a user
Set Okta as their Identity Provider
SP-initiated SSO Instructions:
Enter your email and click Next
You can set up Single Sign On (SSO) by following the instructions in this article.