Admin (Planner) User SAML SSO custom configuration
getregistered supports SAML SSO via Okta for admin user authentication. This guide will walk you through setting up SAML SSO with getregistered as the service provider (SP) and your identity provider (IdP) as the identity provider using a custom application in Okta.
Read this before you enable SAML
Enabling SAML affects all backend users who use getregistered. Users won't be able to sign in through their regular sign-in page. They are able to access getregistered through the SAML SSO service.
Backup URL
getregistered doesn't provide a backup sign-in URL where users can sign in using their regular username and password. If necessary, contact getregistered Support ([email protected]) to turn off SAML.
Prerequisites
To enable SAML SSO, please contact support to confirm that it is available as part of your getregistered subscription plan. You will need to work with getregistered support to configure the integration.
Supported features
- IdP-initiated SSO
- SP-initiated SSO
- Just-In-Time provisioning
For more information on the listed features, visit the Okta Glossary.
Configuration steps
- Create a new App Integration in the Okta console. Choose SAML 2.0 as the integration type and follow this guide. https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm
- Copy the Metadata URL from the Okta Admin Console, SAML 2.0 Sign on methods section.
- Contact the getregistered support team ([email protected]) and request that they enable SAML 2.0 for your account. Include the "Metadata URL" value from the previous step.
- The getregistered support team will configure the SAML settings for your account.
SAML attributes
The following SAML attributes are required and authentication will fail with an error if they are not included in the SAML assertion.
Name | Value |
user.email | |
firstName | user.firstName |
lastName | user.lastName |
SAML Group attributes
Admin level access is assigned via a group attribute getregistered Admins
.
If this attribute is present in the assertion, the user will be granted admin access.
SP-initiated SSO
The sign-in process is initiated from getregistered.
- From your browser, navigate to the getregistered sign-in page.
- Enter your Okta credentials (your email and password) and click "Sign in with Okta". If your credentials are valid, you are redirected to the getregistered dashboard.