Skip to main content
All CollectionsI am resolving an incidentUser & account configurationSCIM & HRIS integrations & SSO
SSO setup Okta - SAML
SSO setup Okta - SAML

This document is a step-by-step guide to setting up Security Assertion Markup Language (SAML) SSO using Okta and will allow users to fully migrate to using Okta as their login to the Vault Platform Resolution Hub.

O
Written by Oluwaseyi Bakare
Updated today
Please note that SSO does not apply to the app, only to the Resolution Hub, and will therefore only be used to allow case managers and admins to access the resolution hub.


Getting Started:

  1. Log in to your Okta Admin panel. You must have permission to access that admin panel to add the Vault Platform app to your list of applications.

  2. Visti this url: https://www.okta.com/integrations/vault-platform/

  3. Select the Add Integration button to initiate adding Vault Platform to your apps.

  4. You should now be faced with the Add Vault Platform screen. Select your preference and select next.

  5. Under sign on options, select SAML 2.0, enter the default relay state which should be along https://app.vaultplatform.com.

  6. You should scroll further down the page and see Advanced Sign-on Settings this should include a Slug field parameter. You should also set your application username to be of type Email and update application username on Create and update. Your page should look like this:

    The slug should have been set up as part of your onboarding. If you cannot remember it please contact customer support at [email protected] and ask for your Organisations Slug.

  7. Click on the View Setup Instructions. Keep this page open or copy the values for SSO URL, Identity Provider Issuer and X.509 Certificate (please copy the PEM Text Format) as you will need these shortly.

    You should have been redirected to a page that looks like this:

  8. Click done on the Sign-On Options page.

  9. Go to the Assignments tab and add yourself as a user, you will shortly use this to test everything is working before adding other relevant Okta users/groups that should have access to Resolution Hub.

  10. In a new tab, log in to your Vault Platform Resolution Hub using your email and password: https://app.vaultplatform.com/login

  11. Go to the Administration > Authentication page:

  12. Change the login method dropdown to Identity Provider - Okta - SAML

  13. Using the details in the SAML setup instructions page, enter the information: Issuer URI is the Identity Provider Issuer SSO URL is the Identity Provider Single-Sign-On URL Certificate is the X.509 Certificate.

  14. Click Save.

  15. Confirm that you want to change the login method for all Resolution Hub users.

    Note: At this point users currently logged in to Resolution Hub will not be logged out but will have to log in with Okta on their next session.

  16. Open a new incognito web browser window to test, navigate to: https://app.vaultplatform.com/login, type in your email address, you should be redirected to Okta to complete sign in, after authenticating with Okta, you should be logged in to Resolution Hub.

  17. If all is working correctly, return to Okta and add all relevant staff people/groups that should have access to Vault Platform’s Resolution Hub.

  18. You’re done! All Resolution Hub users will now be authenticated by Okta when they next log in.


    Troubleshooting

    If when trying to log in to Resolution Hub you get a SAML auth error page, this is usually because the Okta user you are trying to log in with has not been added to the Vault Platform application in Okta (Assignments tab) or the email address you are using for your Okta user does not match the one in Vault Platform. Finally, please double-check that you have used the correct Issuer URI which you can find in OKTA.

    Need Help?

    If you have problems or issues with Vault Platform and Okta, contact the Vault team [email protected] and we’ll work with you on it.

Related Articles
How to configure SSO with Microsoft Entra ID (SAML)
Did this answer your question?