Setting Up SSO with Okta

  1. Log in to Okta Developer.

  2. From the sidebar click Applications > Applications.

  3. From the Applications page click “Create App Integration”.

  4. Choose “OIDC - OpenID Connect” as the Sign-in method and “Web Application” as the Application type.

  5. Click “Next”.

  6. Under “General Settings” provide an “App integration name”.

  7. Under “Assignments” choose an appropriate “Controlled access” for your organisation. Choose “Skip group assignment for now” to set this at a later date.

  8. Click “Save”.

  9. Once saved, you should have access to the Client ID, Client secret and Okta domain. Please provide these to the Mallcomm Team to set up your app as an integration.

  10. Once the integration is complete on the Mallcomm server, we will provide the correct Sign-in redirect URIs and Sign-out redirect URIs to update in the “LOGIN” section under “General Settings” for your application (shown above).

  11. This completes your integration with Mallcomm SSO.

Additional Assets

When creating an integration with an active directory like Okta or Azure the Mallcomm Team creates a provisioning provider. This gives a portfolio’s users a custom login screen to the auth service when their email matches an agreed pattern. This requires the following assets and configurations.

| Name | Requirements | Where it’s used |
|---|---|---|
| Logo | Landscape; recommended 1400 x 500px | At the top of the bespoke Auth Service login screen. |
| Icon | Square; recommended 960 x 960px | On the buttons towards the bottom of the bespoke Auth Service login screen. |
| Brand Colour | Hex value | Throughout the bespoke Auth Service login screen. |
| Email Domain Patterns | A list of domain patterns that require a user to sign in with a company’s Active Directory, e.g. (.*)@toolboxgroup.global. | When redirected to our auth service, if a pattern matches you are taken to the bespoke page rather than the standard login. |
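An added example (not Mallcomm's code) for checking a proposed email domain pattern before submitting it. It assumes the pattern is a regular expression, as the `(.*)@toolboxgroup.global` sample suggests; the page does not say whether the auth service anchors the match, so both behaviours are modelled. The function names, the stricter pattern and the sample addresses are constructed for illustration.

```python
import re

# Pattern exactly as written on this page, and a stricter form of it:
# escaped dot, no extra '@' in the local part, explicit anchors.
PAGE_PATTERN = r"(.*)@toolboxgroup.global"
STRICT_PATTERN = r"^[^@\s]+@toolboxgroup\.global$"

# Constructed sample addresses; only the first belongs to the intended domain.
SAMPLES = [
    "alice@toolboxgroup.global",
    "alice@toolboxgroupxglobal",          # unescaped '.' accepts any character
    "alice@toolboxgroup.global.example",  # extra suffix, accepted if unanchored
    "a@b@toolboxgroup.global",            # '(.*)' accepts a second '@'
    "bob@example.com",
]


def routes_to_sso(email, pattern, anchored=True):
    """Return True if `email` would be sent to the bespoke SSO login page.

    anchored=True requires the whole address to match (re.fullmatch);
    anchored=False accepts a match anywhere in it (re.search). Which of
    the two the auth service applies is an assumption, so both are checked.
    """
    email = email.strip().lower()
    rx = re.compile(pattern, re.IGNORECASE)
    match = rx.fullmatch(email) if anchored else rx.search(email)
    return match is not None


def audit(pattern):
    """Map each sample address to (whole-string result, match-anywhere result)."""
    return {
        email: (routes_to_sso(email, pattern, True),
                routes_to_sso(email, pattern, False))
        for email in SAMPLES
    }


if __name__ == "__main__":
    for name, pattern in (("page", PAGE_PATTERN), ("strict", STRICT_PATTERN)):
        print(f"{name}: {pattern}")
        for email, (whole, anywhere) in audit(pattern).items():
            print(f"  {email:36} fullmatch={whole!s:5} search={anywhere}")
```

A pattern that gives the same answer in both columns does not depend on how the matching engine anchors it, which makes it the safer form to agree with the Mallcomm Team.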