Skip to content

Integrate Okta

Okta SAML/SSO Integration

This guide explains how to configure SAML-based Single Sign-On (SSO) between Okta and Tallyfy to enable automated user authentication and provisioning.

Requirements

  • Okta administrator account
  • Tallyfy Professional or Enterprise plan
  • SAML configuration values from Tallyfy Support

Implementation process overview

The integration involves three main phases:

  1. Creating and configuring an Okta SAML application
  2. Configuring SAML settings in both systems
  3. Enabling and testing the SSO integration

Phase 1: Create Okta SAML application

Step 1: Access application management

  1. Sign in to the Okta Admin Console

  2. Switch to Classic UI from the dropdown in the top left header

    Classic UI selection

  3. Navigate to Applications > Applications

  4. Click Add Application

    Applications menu

  5. Select Create New App

    Create New App button

  6. In the modal dialog, select Web for Platform.

  7. Select SAML 2.0 for Sign-on method.

  8. Click Create.

    Create new application modal

Step 2: Configure general settings

  1. Enter “Tallyfy” as the application name
  2. Optionally upload the Tallyfy logo
  3. Click Next

Phase 2: Configure SAML settings

Step 1: Obtain Tallyfy SAML values

To properly configure Okta, you need Tallyfy’s default SAML values:

  1. Contact Tallyfy Support to access your organization’s profile
  2. Navigate to the Org Settings tab
  3. Click on Add Configuration Details
  4. Locate the default SAML values section

Step 2: Enter SAML settings in Okta

Configure the SAML settings in Okta using the values from Tallyfy:

  1. Single Sign On URL: Enter the value from Tallyfy’s “SP ACS URL” field

  2. Keep Use this for Recipient URL and Destination URL checkbox selected

  3. Audience URI (SP Entity ID): Enter the value from Tallyfy’s “SP Entity ID” field

    SAML settings configuration

  4. Click Show Advanced Settings

  5. Change Authentication context class to X.509 Certificate

Step 3: Configure attribute statements

Add the attribute statements as detailed below:

NameName FormatValue
emailUnspecifieduser.email
FirstNameUnspecifieduser.firstName
LastNameUnspecifieduser.lastName
Attribute statements configuration
  1. After adding the attributes, click Next.

Step 4: Complete Okta configuration

  1. Select I’m an Okta customer adding an internal app
  2. Check This is an internal app that we have created
  3. Click Finish

Phase 3: Configure Tallyfy with Okta information

Step 1: Obtain Okta SAML information

  1. Navigate to the Sign On tab in your Okta application

    Sign On tab

  2. Scroll down and click View Setup Instructions

    View Setup Instructions

  3. The page will display the SAML configuration details for the identity provider

Step 2: Provide information to Tallyfy Support

  1. Send the Identity Provider Single Sign-On URL to Tallyfy Support.
  2. Send the Identity Provider Issuer to Tallyfy Support.
  3. Send the X.509 Certificate to Tallyfy Support.
  4. Tallyfy Support will configure these values in your organization’s SAML settings.

Step 3: Enable SAML authentication

Once Tallyfy Support has configured your SAML settings:

  1. Toggle the SAML activation switch to enable SSO for your organization

User provisioning and access

After completing the integration:

  1. Obtain the Tallyfy login URL from the SAML configuration modal (provided by Tallyfy Support)
  2. Share this URL with your users who have access to the Okta application

Users can now access Tallyfy through this URL:

  • Existing Tallyfy users will be automatically authenticated
  • New users will be provisioned in Tallyfy upon their first login

Troubleshooting

If users encounter authentication issues:

  • Verify the user has been assigned to the Okta application
  • Check that attribute mappings are correctly configured (exact names and formats)
  • Ensure users are accessing Tallyfy through the SSO URL
  • Contact Tallyfy Support for assistance with persistent issues

Authentication > Integrate OneLogin

A comprehensive walkthrough for setting up SAML Single Sign-On between OneLogin and Tallyfy by creating an application connector configuring SAML settings enabling user provisioning and testing the authentication flow.

Authentication > Integrate Azure AD

The comprehensive guide outlines the complete process for setting up SAML-based Single Sign-On between Microsoft Azure Active Directory and Tallyfy including application configuration attribute mapping and user provisioning steps for seamless authentication.

Authentication > Integrate Google Suite

The comprehensive guide outlines the process of implementing SAML-based Single Sign-On between Google Workspace and Tallyfy through application setup attribute mapping and user access configuration for automated authentication.

Integrations > Authentication and SSO

Free Single Sign-On integration enables team members to access Tallyfy using their existing company credentials while providing enhanced security automated account setup and centralized user management through popular identity providers.