Skip to main content

Search

Configuring SAML: Okta

Introduction

Enable Single Sign-On from Okta to your Canary Console with this guide.

This article covers the following topics, click on a heading to jump to it's section.

Getting Started

Assigning users or groups to the Canary Application

Logging into your Console via SSO

Step 1: Find your SAML parameters

Login to your Console, click the white Gear Icon on the top right hand side of your screen, select "Global Settings" then expand the SAML section at the bottom of the page. You will find the info for your Console (pictured below) that you'll need for Step 5 of the process.

Note you can also head directly to your Console SAML page by editing the below URL with your domain hash.

https://XXX.canary.tools/nest/settings/saml

CleanShot 2024-09-13 at 16.30.02@2x.png

Step 2: Create App in Okta

Login to your Okta organisation dashboard and expand the "Applications" menu, then select "Applications" and finally "Create App Integration"

CleanShot 2024-09-13 at 16.30.12@2x.png

Step 3: Launch the SAML Wizard

On the popup, select "SAML 2.0" as the application type, then hit next.

CleanShot 2024-09-13 at 16.30.22@2x.png

Step 4: Configure your SAML App Integration

  1. Choose a name for your Okta Canary application.
  2. Upload an App logo. (Available for download here.)
  3. Select "Next"

CleanShot 2024-09-13 at 16.30.31@2x.png

On the second step, enter the SAML parameters from your Console received in step 1.

  1. Enter your ACS URL : https://XXX.canary.tools/saml/acs
  2. Enter your SP Entity ID : https://XXX.canary.tools/
  3. Leave the Default RelayState blank.
  4. Set the Name ID format to EmailAddress.
  5. Set the Application username to Email.
  6. Leave the Update application username on field as Create and update.

CleanShot 2024-09-13 at 16.30.43@2x.png

Once complete, select "Next", then fill in the reason for the custom app and click "Finish":

CleanShot 2024-09-13 at 16.30.52@2x.png

Lastly select "I'm an Okta customer adding an internal app", then hit Finish or complete the form if you'd like to provide Okta feedback.

CleanShot 2024-09-13 at 16.31.53@2x.png

Step 5: Download SAML Metadata

Your SSO integration is ready!

Simply share your Metadata URL with the support team at support@canary.tools and we'll have your SSO setup in no time.

CleanShot 2024-09-13 at 16.32.10@2x.png

 

Assigning users or groups to the Canary Application

With your SSO setup, you'll want to grant access to your users to access your Canary Console.

With your Canary application open, select the "Assignments" tab, then the "Assign" drop down and finally "Assign to People".

CleanShot 2024-09-13 at 16.32.56@2x.png

At the popup, assign your users to the app:

CleanShot 2024-09-13 at 16.33.04@2x.png

Save their email address and select "Save and Go Back".

CleanShot 2024-09-13 at 16.33.13@2x.png

Finally, click "Done".

CleanShot 2024-09-13 at 16.33.22@2x.png

You're all set!

Logging into your Console via SSO

You'll know it's working when you see your Console Login page show a "Login with SSO" button:

CleanShot 2024-09-13 at 16.33.37@2x.png

Click the button to initiate the SSO login.

You'll also be able to login to your Console by clicking on your Canary app panel inside the Okta dashboard:

CleanShot 2024-09-13 at 16.33.45@2x.png

 

 

Was this article helpful?
7 out of 7 found this helpful
Return to top