Skip to content

Integrate Okta

Okta SAML/SSO Integration

This guide explains how to configure SAML-based Single Sign-On (SSO) between Okta and Tallyfy to enable seamless authentication and automated user provisioning.

Requirements

  • Okta administrator account
  • Tallyfy Professional or Enterprise plan
  • SAML configuration values from Tallyfy Support

Implementation Process Overview

The integration involves three main phases:

  1. Creating and configuring an Okta SAML application
  2. Configuring SAML settings in both systems
  3. Enabling and testing the SSO integration

Phase 1: Create Okta SAML Application

Step 1: Access Application Management

  1. Sign in to the Okta Admin Console
  2. Switch to Classic UI from the dropdown in the top left header
Classic UI selection
  1. Navigate to Applications > Applications
  2. Click Add Application
Applications menu
  1. Select Create New App
Create New App button
  1. In the modal dialog:
    • Platform: Web
    • Sign-on method: SAML 2.0
    • Click Create
Create new application modal

Step 2: Configure General Settings

  1. Enter “Tallyfy” as the application name
  2. Optionally upload the Tallyfy logo
  3. Click Next
General settings configuration

Phase 2: Configure SAML Settings

Step 1: Obtain Tallyfy SAML Values

To properly configure Okta, you need Tallyfy’s default SAML values:

  1. Contact Tallyfy Support to access your organization’s profile
  2. Navigate to the Org Settings tab
  3. Click on Add Configuration Details
  4. Locate the default SAML values section
Tallyfy organization settingsTallyfy default SAML values

Step 2: Enter SAML Settings in Okta

Configure the SAML settings in Okta using the values from Tallyfy:

  1. Single Sign On URL: Enter the value from Tallyfy’s “SP ACS URL” field
  2. Keep Use this for Recipient URL and Destination URL checkbox selected
  3. Audience URI (SP Entity ID): Enter the value from Tallyfy’s “SP Entity ID” field
SAML settings configuration
  1. Click Show Advanced Settings
  2. Change Authentication context class to X.509 Certificate
Advanced settings configuration

Step 3: Configure Attribute Statements

Add the following three attributes exactly as shown:

NameName FormatValue
emailUnspecifieduser.email
FirstNameUnspecifieduser.firstName
LastNameUnspecifieduser.lastName
Attribute statements configuration
  1. Click Next

Step 4: Complete Okta Configuration

  1. Select I’m an Okta customer adding an internal app
  2. Check This is an internal app that we have created
  3. Click Finish
Feedback configuration

Phase 3: Configure Tallyfy with Okta Information

Step 1: Obtain Okta SAML Information

  1. Navigate to the Sign On tab in your Okta application
Sign On tab
  1. Scroll down and click View Setup Instructions
View Setup Instructions
  1. The page will display the SAML configuration details for the identity provider
Okta SAML configuration details

Step 2: Provide Information to Tallyfy Support

  1. Send the following information to Tallyfy Support:

    • Identity Provider Single Sign-On URL
    • Identity Provider Issuer
    • X.509 Certificate
  2. Tallyfy Support will configure these values in your organization’s SAML settings

Tallyfy SAML configuration

Step 3: Enable SAML Authentication

Once Tallyfy Support has configured your SAML settings:

  1. Toggle the SAML activation switch to enable SSO for your organization
Enable SAML toggle

User Provisioning and Access

After completing the integration:

  1. Obtain the Tallyfy login URL from the SAML configuration modal (provided by Tallyfy Support)
  2. Share this URL with your users who have access to the Okta application
Tallyfy login URL

Users can now access Tallyfy through this URL:

  • Existing Tallyfy users will be automatically authenticated
  • New users will be provisioned in Tallyfy upon their first login

Troubleshooting

If users encounter authentication issues:

  • Verify the user has been assigned to the Okta application
  • Check that attribute mappings are correctly configured (exact names and formats)
  • Ensure users are accessing Tallyfy through the SSO URL
  • Contact Tallyfy Support for assistance with persistent issues

Authentication > Integrate OneLogin

SAML-based Single Sign-On integration between OneLogin and Tallyfy enables automated user provisioning through a three-phase setup process involving application creation configuration exchange and SSO testing.

Authentication > Integrate Azure AD

The detailed guide outlines the complete process of setting up and configuring SAML-based Single Sign-On between Azure Active Directory and Tallyfy for seamless user authentication and automated provisioning.

Authentication > Integrate Google Suite

A detailed walkthrough for implementing SAML-based Single Sign-On between Google Workspace and Tallyfy which enables automated user provisioning through configuration of custom SAML applications user attributes and authentication settings.

Integrations > Authentication and SSO

Single Sign-On integration with Tallyfy enables seamless authentication through major identity providers while offering enhanced security automated user provisioning and centralized access management across organizations.