Single Sign-On with Okta

This is an Enterprise only feature and will incur an extra cost.
If you don’t have an Enterprise license yet but are interested, please contact us at success@mopinion.com.

Setting up single sign-on properly takes some work, but the added security is worth the trouble! Below we’ll outline the steps to enable single sign-on with Okta for Mopinion.

Getting the data from Mopinion

To set up Mopinion in your Okta environment first you’ll need to get the Uuid of your organisation. Find it in the Mopinion app by navigating to your “Organisation” page through the top right menu.

 

Then copy the identifier at the “Uuid” field.

 

Setting up your Okta application for Mopinion

Next up we’ll create the application that will be linked to Mopinion.

In your Okta admin environment navigate to the "Application" page to create a new app integration

For the sign-in method choose: SAML 2.0

Fill in a name for your integration under General Settings, and optionally add a logo

 

SAML Settings - General

Fill in the fields as mentioned below. (other fields can be left at their default or blank value)

  • Single sign-on URL: https://<customer-domain>.mopinion.com/simplesaml/module.php/saml/sp/saml2-acs.php/okta-sp-<organisation-uuid>

    • Check the box: Use this for Recipient URL and Destination URL

  • Audience URI (SP Entity ID): https://<customer-domain>.mopinion.com/<organisation-uuid>

  • Application username: Email

 

SAML Settings - Attribute Statements

Add the following attributes in the section Attribute Statements

  • givenname Basic user.firstName

  • surname Basic user.lastName

  • emailaddress Basic user.email

  • name Basic user.login

 

Click next and finish the last step.

Make sure to add the attributes in the section Attribute Statements and not in the section Group Attribute Statements.

Linking your Okta application to your Mopinion account

In Okta, on the Sign On page, copy the Metadata Url
It will look something like this: <domain>.com/app/<key>/sso/saml/metadata and send it over to our support team through support@mopinion.com. We’ll set everything up on our side and we’ll let you know when you’re good to go!

If you require additional help with the set up of course our support team is ready to assist.

From now on you can only add users to your Mopinion account by adding them through your Okta application.

Making sure single sign-on is enabled in Mopinion

You can easily check if single sign-on is enabled for you organisation in Mopinion by navigating to the “User management” section. An indicator will show next to the page title if single sign-on is enabled.