The guide takes you through the steps to setup Single Sign On between Okta and CustomerGauge. This will allow users to login using their Okta Credentials to log into CustomerGauge.



In Okta Portal


  1. From the menu, go to the Applications section


  2. Click the "Add Application" button and then click the "Create New App" button. Okta will show the create new app dialog box

    1. Select "Web" as the value for Platform

    2. Select "SAML 2.0" as the value for Sign on method

    3. Click the "Create" button and you will be redirected to the "Create SAML Integration" page

  3. In the "Create SAML Integration" page

    1. General Settings

      Fill in the App name, logo and the visibility. We recommend you name the App wiith "CustomerGauge" to make it easy to identify the user assignment to your CustomerGauge application.

      • App name: CustomerGauge
      • App logo

    2. Create SAML Integration

      • Fill in the following information:
        • Single sign on URL:  Go to the "Sso Manager" page on your CustomerGauge applications and copy the "Assertion Consumer Service URL" part
        • Authentication URI (SP Entity ID): Go to the "Sso Manager" page on your CustomerGauge applications and copy the "Entity ID" part
        • Application username: Email
        • Name Id format: Persistent
        • Attribute statements
        • Name        
          Value
          Mandatory
          organization_id    
          Add your organization external key here
          Yes
          email    
          Use: user.email    
          Yes
          customergauge_user_role
          Choose from the following
          WorkflowUser
          User
          Admin
          No. If it is not specified, the default role will be "User"
          user_division
          It is particularly useful in case you have a hierarchy setup in CG.
          We will use this attribute to link the user to a specific division or department.
          No. If it is not specified, the default value will be "Global"                        

          user_firstname    
          First name of the user
          No
          user_lastname
          Last name of the user
          No
          user_country
          User's country (in 2 digit ISO code)
          No
          user_telephone
          The telephone number of the user
          No

    3. Click "Next" to finish the setup. In the next page you will get the instruction on how to complete the SSO installation in the CustomerGauge side

                      

      Sample of the instruction

  4. Assign the permitted user or groups in the "Assignment" tab





In CustomerGauge

  1. Go to the Single Sign-On Manager inside the CustomerGauge platform, it will be under the Setup Menu. If the SSO is disabled, please enable it first.
  2. Enter the following information
    1. Entity ID: Copy the Identity Provider Issuer from the instruction you get from Okta and enter it here
    2. Identity Provider: Okta
    3. Single Sign ON Service URL: Copy the Identity Provider Single Sign-On URL from the instruction you get from Okta and enter it here
    4. Certificate: Copy the certificate from the instruction you get from Okta and enter it in the certificate field
    5. Certificate fingerprint: Calculate the certificate fingerprint, you can either calculate it yourself or using the service below
      1. Go to this website https://www.samltool.com/fingerprint.php
      2. Paste the certificate content to the X.509 CERT field
      3. Chose sha-1 or sha-256 as the algorithm
      4. Calculate the fingerprint
      5. Copy the formatted fingerprint result
      6. Paste it
    6. OrganizationID: enter your Okta organization external key
  3. Save


Congratulations, now you can use Okta credentials to login to your CustomerGauge account