Integrate Okta

Okta SAML/SSO Integration

This guide explains how to configure SAML-based Single Sign-On (SSO) between Okta and Tallyfy to enable seamless authentication and automated user provisioning.

Coordination Required

SSO setup requires exchanging configuration information between your organization and Tallyfy. This process cannot be completed independently. Please submit a support ticket to initiate the integration process.

Requirements

• Okta administrator account
• Tallyfy Professional or Enterprise plan
• SAML configuration values from Tallyfy Support

Implementation Process Overview

The integration involves three main phases:

1. Creating and configuring an Okta SAML application
2. Configuring SAML settings in both systems
3. Enabling and testing the SSO integration

Phase 1: Create Okta SAML Application

Step 1: Access Application Management

1. Sign in to the Okta Admin Console
2. Switch to Classic UI from the dropdown in the top left header

3. Navigate to Applications > Applications
4. Click Add Application

5. Select Create New App

6. In the modal dialog:
   • Platform: Web
   • Sign-on method: SAML 2.0
   • Click Create

Step 2: Configure General Settings

1. Enter “Tallyfy” as the application name
2. Optionally upload the Tallyfy logo
3. Click Next

Phase 2: Configure SAML Settings

Step 1: Obtain Tallyfy SAML Values

To properly configure Okta, you need Tallyfy’s default SAML values:

1. Contact Tallyfy Support to access your organization’s profile
2. Navigate to the Org Settings tab
3. Click on Add Configuration Details
4. Locate the default SAML values section

Step 2: Enter SAML Settings in Okta

Configure the SAML settings in Okta using the values from Tallyfy:

1. Single Sign On URL: Enter the value from Tallyfy’s “SP ACS URL” field
2. Keep Use this for Recipient URL and Destination URL checkbox selected
3. Audience URI (SP Entity ID): Enter the value from Tallyfy’s “SP Entity ID” field

4. Click Show Advanced Settings
5. Change Authentication context class to X.509 Certificate

Step 3: Configure Attribute Statements

Add the following three attributes exactly as shown:

Name	Name Format	Value
email	Unspecified	user.email
FirstName	Unspecified	user.firstName
LastName	Unspecified	user.lastName

6. Click Next

Step 4: Complete Okta Configuration

1. Select I’m an Okta customer adding an internal app
2. Check This is an internal app that we have created
3. Click Finish

Phase 3: Configure Tallyfy with Okta Information

Step 1: Obtain Okta SAML Information

1. Navigate to the Sign On tab in your Okta application

2. Scroll down and click View Setup Instructions

3. The page will display the SAML configuration details for the identity provider

Step 2: Provide Information to Tallyfy Support

1. Send the following information to Tallyfy Support:

   • Identity Provider Single Sign-On URL
   • Identity Provider Issuer
   • X.509 Certificate

2. Tallyfy Support will configure these values in your organization’s SAML settings

Step 3: Enable SAML Authentication

Once Tallyfy Support has configured your SAML settings:

1. Toggle the SAML activation switch to enable SSO for your organization

User Provisioning and Access

After completing the integration:

1. Obtain the Tallyfy login URL from the SAML configuration modal (provided by Tallyfy Support)
2. Share this URL with your users who have access to the Okta application

Users can now access Tallyfy through this URL:

• Existing Tallyfy users will be automatically authenticated
• New users will be provisioned in Tallyfy upon their first login

Troubleshooting

If users encounter authentication issues:

• Verify the user has been assigned to the Okta application
• Check that attribute mappings are correctly configured (exact names and formats)
• Ensure users are accessing Tallyfy through the SSO URL
• Contact Tallyfy Support for assistance with persistent issues

Related articles

Authentication > Integrate OneLogin

SAML-based Single Sign-On integration between OneLogin and Tallyfy enables automated user provisioning through a three-phase setup process involving application creation configuration exchange and SSO testing.

Authentication > Integrate Azure AD

The detailed guide outlines the complete process of setting up and configuring SAML-based Single Sign-On between Azure Active Directory and Tallyfy for seamless user authentication and automated provisioning.

Authentication > Integrate Google Suite

A detailed walkthrough for implementing SAML-based Single Sign-On between Google Workspace and Tallyfy which enables automated user provisioning through configuration of custom SAML applications user attributes and authentication settings.

Integrations > Authentication and SSO

Single Sign-On integration with Tallyfy enables seamless authentication through major identity providers while offering enhanced security automated user provisioning and centralized access management across organizations.