This article summarises the steps for setting up single sign-on (SSO) for mfloow and Okta.
Updated June 19, 2024
Important Considerations for Use
- The SSO feature requires a plan of "Business" level or higher.
- Currently, only SP-Initiated SSO is supported.
- Only users with the role of "Owner" or "Standard Administrator" are authorized to configure SSO settings.
- The email address registered for administrators in mfloow must match the email address registered in Okta.
- Even after enabling SSO, members who have already set a password will still be able to log in using their email address and password.
- If members using SSO have not set a password within mfloow, they can initiate a "password reset" to establish a password.
- To log in using SSO, you must assign users to the mfloow application within Okta.
SSO Configuration Steps for mfloow (Service Provider) and Okta (Identity Provider)
1. Log in to the Okta admin dashboard and select "Applications" from the menu, then click on "Applications."
2. Click the "Create App Integration" button on the "Applications" screen.
3. In the "Create a new app integration" pop-up, select "SAML 2.0" and then click the "Next" button.
| App name | Choose an appropriate application name (e.g., mfloow). |
| App logo (optional) | (Optional) You may choose to upload an application icon. |
5. Refer to the SSO configuration screen in mfloow while entering the following information in the "Configure SAML" section of Okta. Once you have completed the entries, click the "Next" button.
mfloow:
Okta:
| mfloow | Okta |
| ACS URL | Single sign-on URL |
| SP Entity ID | Audience URI (SP Entity ID) |
6. A feedback screen will appear; click the "Finish" button to proceed.
7. The application details page will be displayed. Click on the "Sign On" tab, then select "View SAML setup instructions" under the "SAML Setup" section.
8. While referencing the information displayed in the new tab, click the "Configure" button under the "SAML SSO Settings" section in the mfloow SSO configuration screen. Enter the required information, and then click the "Save" button to apply your changes.
Okta:
mfloow:
| Okta | mfloow |
| Identity Provider Single Sign-On URL | SSO URL |
| Identity Provider Issuer | Entity ID |
| X.509 Certificate Copy | Certificate |
9. In the mfloow SSO configuration screen, toggle the switch to enable "SAML SSO."
10. Click the "Enable" button in the pop-up to complete the process.
How to Log In Using Okta SSO
1. On the login screen, enter your "Company ID" and click the "Next" button.
2. On the next screen, click the "Login with SAML SSO" button.
If you are already logged into Okta
A pop-up will appear, and once the process is complete, it will close automatically, allowing you to log in to mfloow seamlessly.
If you are not logged into Okta
A pop-up will appear prompting you to enter your Okta login credentials. After successfully logging into Okta, the pop-up will close automatically, granting you access to your mfloow account.
Disable Single Sign-On (SSO)
Click the toggle for "Enable SAML SSO" on the mfloow SSO configuration screen.
A confirmation pop-up will appear. Click the "Disable" button to turn off SSO.
