In this article, we will walktrhough the required steps to integrate Okta SAM SSO with Chili Piper.
- You must be a Chili Piper admin to enable Single Sign-On (SSO).
- You must use the same email address for both Chili Piper and Okta.
- This feature is currently in Beta version.
- This article is dedicated to Chili Piper users who already got upgraded to Demand Conversion Platform. If you are still a Legacy user, check this article instead.
How to configure Okta SAML SSO
Before configuring Okta in Chili Piper itself, you must add Chili Piper as an app in Okta:
- Select Add Application.
- Select Browse App Catalog.
- Search for the Chili Piper application.
- Select the Add button for the Chili Piper application.
- In General Settings select the appropriate values for:
- Application Visibility: If you want to temporarily hide the app while configuring, select the check box next to Do not display application icon to users. (You will need to change this after configuration to make the app visible to your users.)
- Browser plugin auto-submit
- Select Next.
- Under Sign On Methods, select SAML 2.0.
- Select View Setup Instructions
- Leave this tab open and proceed to the Chili Piper app to complete setup.
Integrating Okta SAML SSO in Chili Piper
- Access Okta SAML Configuration by clicking Integrations in the right-side menu and click the Security tab. Then, click Connect on the Okta card.
-
Copy and Paste the Default ACS URL and the Entity ID from Chili Piper into Okta. These URLS cannot be edited in anyway or they will not work.
Once done, click Confirm Posting on Identity Provider
-
Copy and Paste Metadata URL (located under the Sign-On tab) from Okta into Chili Piper & Test Connection
- Paste it to the Metadata URL field in Chili Piper in Step 2 section of the Okta setup.
-
Click Test Connection and you will be directed to the Okta login screen. You must log into Okta using the same credentials that you are logged into Chili Piper.
If the Connection is successful, you will be redirected back to Chili Piper to enforce SSO for all users.
- Optionally, if you’d like to enforce your users only logging in via Okta, you can opt to do this now. This option will only be available if testing the connection in Step 2 was successful.
Supported Features
- SP login flow via https://fire.chilipiper.com/auth/v1/login once the integration setup is complete.
- JIT provisioning.
Notes
SAML Attributes include:
- `firstName`: user.firstName`
- `lastName`, `user.lastName`
- `email`, `user.email`