Single Sign-On with Okta
This is an Enterprise only feature and will incur an extra cost.
If you don’t have an Enterprise license yet but are interested, please contact us at success@mopinion.com.
Setting up single sign-on properly takes some work, but the added security is worth the trouble! Below we’ll outline the steps to enable single sign-on with Okta for Mopinion.
Getting the data from Mopinion
To set up Mopinion in your Okta environment first you’ll need to get the Uuid of your organisation. Find it in the Mopinion app by navigating to your “Organisation” page through the top right menu.
Then copy the identifier at the “Uuid” field.
Setting up your Okta application for Mopinion
Next up we’ll create the application that will be linked to Mopinion.
In your Okta admin environment navigate to the "Application" page to create a new app integration
For the sign-in method choose: SAML 2.0
Fill in a name for your integration under General Settings, and optionally add a logo
SAML Settings - General
Fill in the fields as mentioned below. (other fields can be left at their default or blank value)
Single sign-on URL: https://<customer-domain>.mopinion.com/simplesaml/module.php/saml/sp/saml2-acs.php/okta-sp-<organisation-uuid>
Check the box: Use this for Recipient URL and Destination URL
Audience URI (SP Entity ID): https://<customer-domain>.mopinion.com/<organisation-uuid>
Application username: Email
SAML Settings - Attribute Statements
Add the following attributes in the section Attribute Statements
givenname Basic user.firstName
surname Basic user.lastName
emailaddress Basic user.email
name Basic user.login
Click next and finish the last step.
Make sure to add the attributes in the section Attribute Statements
and not in the section Group Attribute Statements
.
Linking your Okta application to your Mopinion account
In Okta, on the Sign On page, copy the Metadata Url
It will look something like this: <domain>.com/app/<key>/sso/saml/metadata and send it over to our support team through support@mopinion.com. We’ll set everything up on our side and we’ll let you know when you’re good to go!
If you require additional help with the set up of course our support team is ready to assist.
From now on you can only add users to your Mopinion account by adding them through your Okta application.
Making sure single sign-on is enabled in Mopinion
You can easily check if single sign-on is enabled for you organisation in Mopinion by navigating to the “User management” section. An indicator will show next to the page title if single sign-on is enabled.