Skip to main content

How to set up Okta SAML SSO for Chili Piper

Jorge Ferreira Filho
  • Updated

In this article, we will walk through the required steps to integrate Okta SAML SSO with Chili Piper.

  • You must be a Chili Piper admin to enable Single Sign-On (SSO).
  • You must use the same email address for both Chili Piper and Okta.
  • This feature is currently in the Beta version.
  • This article is dedicated to Chili Piper users who have already been upgraded to the Demand Conversion Platform. If you are still a Legacy user, check this article instead.
  • You can find Chili Piper on Okta's Integrations page for more details here.

How to configure Okta SAML SSO

Before configuring Okta in Chili Piper itself, you must add Chili Piper as an app in Okta:

  1. Select Add Application.
  2. Select Browse App Catalog.
  3. Search for the Chili Piper application.
  4. Select the Add button for the Chili Piper application.
  5. In General Settings select the appropriate values for:
    1. Application Visibility: If you want to temporarily hide the app while configuring, select the check box next to Do not display application icon to users. (You will need to change this after configuration to make the app visible to your users.)
    2. Browser plugin auto-submit
    3. In SAML Settings, ensure the Attribute Statements include the following entries:
      1. Name: firstName | Value: user.firstName
      2. Name: lastName | Value: user.lastName
      3. Name: email | Value: user.email
  6. Select Next.
  7. Under Sign On Methods, select SAML 2.0.
  8. Select View Setup Instructions
  9. Leave this tab open and proceed to the Chili Piper app to complete setup.

Integrating Okta SAML SSO in Chili Piper

  1. Access Okta SAML Configuration by clicking Integrations in the right-side menu and click the Security tab. Then, click Connect on the Okta card.

  2. Copy and Paste the Default ACS URL and the Entity ID from Chili Piper into Okta. These URLS cannot be edited in anyway or they will not work.
    Once done, click Confirm Posting on Identity Provider

  3. Copy and Paste Metadata URL (located under the Sign-On tab) from Okta into Chili Piper & Test Connection


  4. Paste it to the Metadata URL field in Chili Piper in Step 2 section of the Okta setup.


  5. Click Test Connection and you will be directed to the Okta login screen. You must log into Okta using the same credentials that you are logged into Chili Piper.

    If the Connection is successful, you will be redirected back to Chili Piper to enforce SSO for all users.
  6. Optionally, if you’d like to enforce your users only logging in via Okta, you can opt to do this now. This option will only be available if testing the connection in Step 2 was successful.

Okta SAML SSO Features

  • SP login flow (Service-provider Initiated)
    • Users can log in via fire.chiliipiper.com, and your Identity provider will authenticate the user.
  • Identity Provider Initiated SSO (IdP-initiated)
    • Users can log in to their identity provider and select the Chili Piper app.
    • Only available if your identity provider supports a Default Relay State.
  • JIT provisioning is not supported.

Notes

SAML Attributes include:

  • firstName: user.firstName
  • lastName: user.lastName
  • email: user.email

Related articles

Comments

0 comments

Please sign in to leave a comment.