Integrate Okta SSO

Okta SAML/SSO Integration

Want to connect Okta with Tallyfy? You’ll be setting up SAML-based Single Sign-On (SSO) that handles user authentication and creates accounts automatically. Takes about 30 minutes.

Coordination Required

SSO setup requires exchanging configuration information between your organization and Tallyfy. You can’t complete this process on your own. Submit a support ticket to get started.

Requirements

• Okta administrator account
• Tallyfy Professional or Enterprise plan
• SAML configuration values from Tallyfy Support

Implementation process overview

Here’s what you’ll do:

1. Create an Okta SAML application
2. Configure settings in both systems
3. Turn on SSO and test it works

Phase 1: Create Okta SAML application

Step 1: Access application management

1. Sign in to the Okta Admin Console

2. Switch to Classic UI from the dropdown in the top left header

   

3. Navigate to Applications > Applications

4. Click Add Application

   

5. Select Create New App

   

6. In the modal dialog, select Web for Platform.

7. Select SAML 2.0 for Sign-on method.

8. Click Create.

   

Step 2: Configure general settings

1. Enter “Tallyfy” as the application name
2. Optionally upload the Tallyfy logo
3. Click Next

Phase 2: Configure SAML settings

Step 1: Obtain Tallyfy SAML values

First, you’ll need to grab Tallyfy’s SAML values - these tell Okta where to send login information:

1. Contact Tallyfy Support to access your organization’s profile
2. Navigate to the Org Settings tab
3. Click on Add Configuration Details
4. Locate the default SAML values section

Step 2: Enter SAML settings in Okta

Time to configure Okta with those values you just got:

1. Single Sign On URL: Enter the value from Tallyfy’s “SP ACS URL” field

2. Keep Use this for Recipient URL and Destination URL checkbox selected

3. Audience URI (SP Entity ID): Enter the value from Tallyfy’s “SP Entity ID” field

   

4. Click Show Advanced Settings

5. Change Authentication context class to X.509 Certificate

Step 3: Configure attribute statements

Next, tell Okta which user information to send to Tallyfy:

Name	Name Format	Value
email	Unspecified	user.email
FirstName	Unspecified	user.firstName
LastName	Unspecified	user.lastName

1. After adding the attributes, click Next.

Step 4: Complete Okta configuration

1. Select I’m an Okta customer adding an internal app
2. Check This is an internal app that we have created
3. Click Finish

Phase 3: Configure Tallyfy with Okta information

Step 1: Obtain Okta SAML information

1. Navigate to the Sign On tab in your Okta application

   

2. Scroll down and click View Setup Instructions

   

3. The page will display the SAML configuration details for the identity provider

Step 2: Provide information to Tallyfy Support

1. Send the Identity Provider Single Sign-On URL to Tallyfy Support.
2. Send the Identity Provider Issuer to Tallyfy Support.
3. Send the X.509 Certificate to Tallyfy Support.
4. Tallyfy Support will configure these values in your organization’s SAML settings.

Step 3: Enable SAML authentication

After Tallyfy Support confirms they’ve configured your settings:

1. Toggle the SAML activation switch to enable SSO for your organization

User provisioning and access

Once everything’s set up:

1. Get the Tallyfy login URL from the SAML configuration modal (Tallyfy Support provides this)
2. Share this URL with your users who have access to the Okta application

Here’s how it works for your users:

• Already have a Tallyfy account? They’ll log in automatically
• Don’t have an account yet? Tallyfy creates one on their first login

SSO authentication flow

This shows the complete authentication process from setup to user access.

What to notice:

• Steps 1-6 show the one-time setup collaboration between your Admin and Tallyfy Support
• Steps 7-14 demonstrate the actual user authentication flow that happens every login
• Tallyfy automatically creates accounts for new users (step 13) using the email and name attributes from Okta

Troubleshooting

Can’t log in? Check these things first:

• Is the user assigned to the Okta application?
• Are the attribute mappings exactly right? (names and formats matter)
• Are users using the SSO URL - not the regular Tallyfy login page?
• Still stuck? Contact Tallyfy Support

Advanced Okta Integration with AI Tools

Okta’s OAuth 2.0 support and cross-domain authorization standards make it perfect for AI system integrations. Want to extend Okta identity governance to AI-powered workflow apps? Check out enterprise SSO patterns with MCP servers.

Related articles

Authentication > Integrate OneLogin SSO

OneLogin SAML/SSO integration with Tallyfy enables automatic user authentication and account creation through a collaborative 30-minute setup process involving creating a SAML application connector configuring settings in both systems and exchanging metadata with Tallyfy Support for seamless single sign-on with automatic user provisioning.

Authentication > Integrate JumpCloud SSO

JumpCloud SAML/SSO integration connects JumpCloud with Tallyfy for automatic user authentication and account creation through a 30-minute collaborative setup process involving creating a custom SAML application configuring service provider settings and exchanging metadata with Tallyfy Support to enable seamless single sign-on authentication.

Authentication > Integrate Microsoft Entra ID SSO

Microsoft Entra ID integrates with Tallyfy through a collaborative 30-minute SAML SSO setup process that requires creating an enterprise application configuring authentication settings and working with Tallyfy Support to exchange configuration details enabling automatic user authentication and account provisioning for seamless single sign-on access.

Authentication > Integrate Google Workspace

Google Workspace SAML/SSO integration with Tallyfy enables automatic user authentication through Google credentials via a three-phase collaborative setup process that involves creating a custom SAML application in Google Workspace configuring attribute mappings and working with Tallyfy Support to exchange configuration details for seamless single sign-on with automatic user provisioning.

Was this helpful?

YesNo