Save as PDF

Okta SAML configuration

Overview

SAML Authentication is a paid add-on feature and must be enabled prior to use. Contact your account manager, or accountmanagers@responsive.io, to enable it.

Responsive uses the secure and widely adopted industry standard Security Assertion Markup Language 2.0 (SAML 2.0) and supports SAML Authentication as an add-on feature.

Our single sign-on (SSO) implementation integrates easily with any large identity provider that supports SAML 2.0.

Select the applicable tab for your edition of Responsive.

  • Configuring Okta

    1. In Okta, click Applications and select Applications.
      mceclip9.png
    2. Click Add Applications.
      mceclip10.png
    3. Enter Responsive in the Search box, select Responsive, then click Add.
      mceclip11.png
    4. Click Done.
      mceclip12.png
    5. Click Assign and select Assign to People.
      mceclip13.png
    6. Click Assign on the Assign Responsive to People pop-up.
      mceclip14.png
    7. Enter a username, then click Save and Go Back.
      mceclip15.png
    8. Click Done.
      mceclip16.png
    9. Click Sign On.
      mceclip17.png
    10. Click Edit.
      mceclip18.png
    11. Enter the value for Default Relay State.
      mceclip19.png
      Note: Replace Default Relay State with the Default Relay State value found in Responsive at Organization Settings > My Organization > Security > SSO.
    12. Select Email as the value for Application username format.
    13. Click Save. A success message will be displayed.
      mceclip21.png
    14. Click Identity Provider metadata to download the metadata file.
      Note: If the file is not downloaded, copy the file data and paste it in its field.

    Responsive Configuration

    To make configurations from the Responsive application, you can follow the steps below:

    1. Go to Organization Settings > My Organization > Security > SSO/SCIM, turn on the SSO toggle, then click Save.

      • Contact your account manager if the SAML SSO option is not available.
      • Multiple SSOs can be created for a single client instance. If interested, raise a support ticket. Once approved, the team will enable it for the client.
    2. Click Add Authentication Method.
    3. Enter okta as the name.
    4. Click Upload Configuration File and upload the metadata file. Alternatively, you can paste the copied XML data.
    5. Click Validate.
    6. Once validated, turn the Okta toggle on and click Save.

    Logging In to Responsive Using SAML

    Users can login to Responsive using SAML in three ways.

    Logging In From the Okta Dashboard

    1. Go to the Okta dashboard and click the Responsive application.
      mceclip2.png
    2. You will be navigated to the Responsive.
      mceclip3.png

    Logging In to app.rfpio.com using SAML

    1. Enter the URL app.rfpio.com and click Continue.
      mceclip1.png
    2. Click Okta.
      mceclip0.png

    Logging in using an instance-specific URL

    Contact your account manager to get an instance-specific URL which can be bookmarked in your browser.

    Just -in-Time provisioning

    With Just-in-Time provisioning, you can use a SAML assertion to create regular and portal users on the fly the first time they try to log in. This eliminates the need to create user accounts in advance. For example, if you recently added an employee to your organization and have provided access to Responsive in your SAML Identity Provider, you don't need to manually create the user in Responsive. When they log in with single sign-on for the 1st time, their account is automatically created for them, eliminating the time and effort with on-boarding the account. The new user can be assigned as Admin or Manager or Team Member role by defining the role in the SAML integration. Choose None. It helps keep unauthorized users from logging in through SAML.

  • Essentials features are subscription-based and may not be available for all users. Contact your account manager, or accountmanagers@responsive.io, for more details.

    Configuring Okta

    1. In Okta, click Applications and select Applications.
      mceclip9.png
    2. Click Add Applications.
      mceclip10.png
    3. Enter Responsive in the Search box, select Responsive, then click Add.
      mceclip11.png
    4. Click Done.
      mceclip12.png
    5. Click Assign and select Assign to People.
      mceclip13.png
    6. Click Assign on the Assign Responsive to People pop-up.
      mceclip14.png
    7. Enter a username, then click Save and Go Back.
      mceclip15.png
    8. Click Done.
      mceclip16.png
    9. Click Sign On.
      mceclip17.png
    10. Click Edit.
      mceclip18.png
    11. Enter the value for Default Relay State.
      mceclip19.png
      Note: Replace Default Relay State with the Default Relay State value found in Responsive at Organization Settings > My Organization > Security > SSO.
    12. Select Email as the value for Application username format.
    13. Click Save. A success message will be displayed.
      mceclip21.png
    14. Click Identity Provider metadata to download the metadata file.
      Note: If the file is not downloaded, copy the file data and paste it in its field.


      Responsive configuration

      To make configurations from the Responsive application, you can follow the steps below:

      1. Go to Organization Settings > My Organization > Security > SSO/SCIM, turn on the SSO toggle, then click Save.

        • Contact your account manager if the SAML SSO option is not available.
        • Multiple SSOs can be created for a single client instance. If interested, raise a support ticket. Once approved, the team will enable it for the client.
      2. Click Add Authentication Method.
      3. Enter okta as the name.
      4. Click Upload Configuration File and upload the metadata file. Alternatively, you can paste the copied XML data.
      5. Click Validate.
      6. Once validated, turn the Okta toggle on and click Save.

      Logging in to Responsive using SAML

      Users can login to Responsive using SAML in three ways.

      Logging In From the Okta Dashboard

      1. Go to the Okta dashboard and click the Responsive application.
        mceclip2.png
      2. You will be navigated to the Responsive.

      Logging In to app.rfpio.com using SAML

      1. Enter the URL app.rfpio.com and click Continue.
      2. Click Okta.

    Logging in using an instance-specific URL

    Contact your account manager to get an instance-specific URL which can be bookmarked in your browser.

    Just -in-Time provisioning

    With Just-in-Time provisioning, you can use a SAML assertion to create regular and portal users on the fly the first time they try to log in. This eliminates the need to create user accounts in advance. For example, if you recently added an employee to your organization and have provided access to Responsive in your SAML Identity Provider, you don't need to manually create the user in Responsive. When they log in with single sign-on for the 1st time, their account is automatically created for them, eliminating the time and effort with on-boarding the account. The new user can be assigned as Admin or Manager or Team Member role by defining the role in the SAML integration. Choose None. It helps keep unauthorized users from logging in through SAML.

 

Was this article helpful?

/