In this article, we’ll run through how you can integrate your Okta Identity Management Solution to allow employees to sign in to their Reward Gateway platform through it.
Before continuing, we recommend reading: Guide to SAML Integration Settings
How to enable the Okta integration?
To enable Okta, log into Reward Manager, click on the Integrations tab on the left, and under the “Explore” tab you will see the “Okta” application.
If you don’t have access, please speak with your Client Success Manager or a member of the Client Support team, who will assign your permissions.
Watch the following video which demonstrates the setup process step-by-step:
Please note the certificate should be in .PEM format if you are copy-pasting it, or in .CRT/.CERT format if you are uploading it.
Identity Provider URL
This should be the URL to access the Okta application directly.
The Identity Provider URL can be found in the ‘View SAML setup Instructions’ section on the Okta admin dashboard.
The certificate can be found in the same section or under Applications > Single Sign-On > SAML Signing Certificates.
Select the Identifier - this will be the main detail passed over to us to authenticate the user. If it’s a self-registration scheme, the identifier will be Employee/Payroll Number by default.
Select the SAML Identity Location - this tells our system where to look for the identifier.
- Identity is in the Name Identifier - our system will look for the ID in the NameID
- Identity is in an Attribute Element - it will look for the ID but under a different name
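The two identity locations above, shown against a constructed SAML assertion. This is an added example, not Reward Gateway or Okta code: the attribute name `employeeNumber`, the sample values and the function `extract_identifier` are assumptions, and the signature validation a service provider performs before trusting the identifier is left out.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (unsigned, trimmed) for illustration only.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">jane.doe@example.com</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="employeeNumber">
      <saml:AttributeValue>E-10442</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def extract_identifier(assertion_xml, location, attribute_name=None):
    """Return the identifier from the chosen location, or raise ValueError."""
    root = ET.fromstring(assertion_xml)
    if location == "name_id":
        # "Identity is in the Name Identifier": read Subject/NameID.
        values = [n.text for n in root.findall("./saml:Subject/saml:NameID", NS)]
    elif location == "attribute":
        # "Identity is in an Attribute Element": read the named Attribute.
        values = [
            v.text
            for a in root.findall("./saml:AttributeStatement/saml:Attribute", NS)
            if a.get("Name") == attribute_name
            for v in a.findall("saml:AttributeValue", NS)
        ]
    else:
        raise ValueError(f"unknown location: {location!r}")
    values = [v.strip() for v in values if v and v.strip()]
    # Require exactly one value: a missing or repeated identifier is ambiguous.
    if len(values) != 1:
        raise ValueError(f"expected exactly one identifier, found {len(values)}")
    return values[0]

if __name__ == "__main__":
    print(extract_identifier(SAMPLE_ASSERTION, "name_id"))
    print(extract_identifier(SAMPLE_ASSERTION, "attribute", "employeeNumber"))
```

If the identifier selected on the Okta side is not sent in the location chosen here, the lookup fails in the same way the missing-attribute case does in this sketch.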
If enabled, employees will be automatically provisioned. It will still allow them to create an account, even if we don’t have their details (ID/Email Address).
To test the integration, please try to log in with the test user who was assigned the app on the Okta Dashboard. To learn how to assign a user in Okta, see the Build a Single Sign-On (SSO) integration guide.
If the test is passed successfully, you will receive a confirmation message that your integration is ready to be published.
If the attempt is unsuccessful, you will be able to see the error details on the Integration Dashboard. You will then need to rectify the error and re-attempt the login.
To publish your integration, you need to go back to the Integrations dashboard, find your integration (which should be at a Pending status), then click Options > Publish > click the ‘Publish’ button. Your Integration will then appear as Live.