Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The guide below details how to setup a single sign-on integration in the LogiSense Billing application. Both Azure AD and Okta integrations are covered in this guide.

Okta Configuration Process

Setup a new Application in the Okta Admin Portal

The fist step is to create an application in the Okta portal for the LogiSense Billing integration.

  1. On the left hand side click on Applications to show the sub menus

  2. On the Applications sub menu click Create App Integration

  3. On the Create New App Integration pop-up select SAML 2.0 and click Next

  4. On the Create SAML Integration page enter an application name (for instance, LogiSense Billing) and click Next

  5. Enter the Single sign-on URL. This will be the URL used to access your LogiSense Billing instance plus the path to the AuthorizationServer ( /AuthorizationServer/Saml2/ACS )

  6. Enter the Audience URI (this will be the same domain name as above, but without the AuthorizationServer… details)

  7. All other settings can be left as default, at the bottom of the page click Next

  8. On the following page select I'm an Okta customer adding an internal app option and then the This is an internal app that we have created option and click Finish

Capture SAML Certificate Details in Okta

Next certain details are required from the Okta application data in order to configure SAML settings in the LogiSense Billing application. You can copy these details into notepad or any text editor.

  1. On the application page that loads scroll down to the SAML Signing Certificates section

  2. Next to the SHA-2 cert click on Actions and then View IdP metadata

  3. On the metadata page that loads copy the url of that page (e.g. https://dev-xxxxxxxx.okta.com/app/exkaffbk7gT0TrGxi8d7/sso/saml/metadata) and copy the value within that page on the very first line called entityID

Configure the SAML Settings in LogiSense Billing

  1. Login to LogiSense Billing

  2. Load the Setup / Users & Accounts / Owners screen

  3. Under Owner Configuration click on SAML Setting

  4. Click Enabled if it is not already selected

  5. In the Entity ID field paste in the entity id from the metadata (just the URL without quotes)

  6. In the Provider Metadata URL field paste in the metadata URL you previously copied

  7. Click the Get Token button and a token will be generated

  8. Copy the SCIM Access Token that is generated (this will be needed as part of the SCIM Configuration below)

  9. Click Save to save the SAML settings

Configure SCIM to Manage Users in Okta

  1. Access the Okta admin portal

  2. Access the Application you setup for the LogiSense Billing integration

  3. Click on the General link

  4. Under the App Settings section click Edit

  5. Check the option Enable SCIM provisioning

  6. Click Save

  7. Once the change is saved a new Provisioning link will appear under the application where SCIM settings can be populated

  8. Click on Provisioning

  9. On the Provisioning Settings page click Edit

  10. In the SCIM connector base URL field enter the domain of your LogiSense Billing system followed by /ResourceServer/api/SCIM

    Image RemovedImage Added

  11. In the Unique identifier field for users field enter your Okta supplied identifier

  12. In the Supported provisioning actions section enable Push New Users, Push Profile Updates and Push Groups

  13. Change the Authentication Mode to HTTP Header authentication

  14. Under the HTTP Header section in the Bearer field paste the SCIM Access Token you copied earlier from the SAML Settings in the LogiSense Billing application

  15. Click Test Connector Configuration

  16. On the pop-up that appears the test should show that the testing of the create, update and push functions worked

  17. Close the Test Connector Configuration pop-up and Click Save

  18. Next we need to grant Okta permissions in LogiSense Billing. On the Provisioning page click the Edit link

  19. Next to Create Users click Enable

  20. Next to Deactivate Users click Enable

  21. Click Save

Configure Application Permissions in Okta

This step will configure Okta users to access LogiSense Billing

  1. On the Application page click on Assignments

  2. On the Assignments page click the Assign button

  3. You will be presented with two options, Assign to People and Assign to Groups, you can select whichever option you desire (e.g. assign people who will be setup as users in LogiSense Billing or assign groups that will be setup as role groups in LogiSense Billing)

  4. Click Assign next to the person or group

  5. On the Assign pop-up that appears leave the values as is and select Save and Go Back

  6. Assign additional people/groups as needed, when finished click the Done button

  7. The users or groups you added should be listed and created in LogiSense Billing

  8. You can verify that the user/group was created in LogiSense Billing on the Setup / Users & Accounts / Users screen and Role Groups screen

Test SSO login

  1. Log out of LogiSense Billing

  2. On the Login page a new Log in with SSO option will be available

  3. Click on Log in with SSO

  4. You will be redirected to the Okta login page

  5. Enter your Okta username and password and click Sign In

  6. After entering valid login credentials you will be directed to the LogiSense Billing application and logged in

Azure Configuration Process