Setting up SSO - Okta

Follow

SSO (Single Sign On) authentication lets you access your company’s applications and websites with a single set of login credentials. Centage has now enabled you to include Planning Maestro in your SSO solution.

You can add Planning Maestro to your company’s SSO solution if you use any SAML 2.0 compliant identity providers, including:

  • OneLogin
  • Okta
  • RSASecurID
  • Idaptive
  • Ping
  • Azure AD
  • CA Technologies
  • ... (and many more. Ask Centage Support.)

When you work with Centage to set up SSO, your company’s Administrator chooses an SSO Admin user in Planning Maestro who can set up SSO for your company.

This document shows you, a Planning Maestro SSO Admin, how to set up SSO for your company using Okta.

Info.png Please Note: You can only add Planning Maestro to your SSO solution after you have your Planning Maestro account set up.

Setting up SSO with Okta

Step 1: Open your company’s Okta account. On the homepage, select Admin.

O1a.png

Step 2: At the top of the page, click Applications.

O1b.png

Step 3: On the Applications page, click Add Application.

O1c.png

Step 4: A search menu appears below. Click Create New App.

O1c1.png

Step 5: A Create a New Application Integration popup appears. Next to Sign on method, select the SAML 2.0 radio button. Click Create.

O1d.png

Step 6: A Create SAML Integration page appears. On the General Settings tab, in the App name field, enter Planning Maestro and click Next.

O1e.png

Step 7: On the Configure SAML tab, under SAML Settings, enter the following information in the fields provided:

O1f.png

Single sign on URL – Enter https://companydomain.planningmaestro.com/saml/SSO (with your company’s domain name in place of “company domain”).

Example.png Example: This example company’s domain name is paradventureinc, so their Single Sign On URL is https://paradventureinc.planningmaestro.com/saml/SSO.

Audience URI (SP Entity ID) – Enter planning-maestro.

Under ATTRIBUTE STATEMENTS (OPTIONAL), enter displayName in the Name field and user.displayName in the Value field.

Info.png Please Note: If you have a Premium Okta account, you can add a custom field named Centage Username. This custom field would make it easier to add users later.

Click Next.

Step 8: On the Feedback tab, next to Are you a customer or partner?, select I’m an Okta customer adding an internal app.

O1g.png

Step 9: More fields appear below. Mark the This is an internal app that we have created checkbox and click Finish.

O1h.png

Saving Your Metadata URL and Recipient URL

A new page opens with the Name you selected before. Use this page to collect two pieces of information you need to set up SSO in Planning Maestro:

1. Metadata URL

2. Recipient URL

Saving Your Metadata URL

On the Sign On tab, scroll down to the box highlighted in yellow. Right-click on Identity Provider Metadata and select Copy link address.

O1i.png

You should be presented with the content of this Metadata URL, with something like:

  • https: //<domain>.okta.com/app/<okta id>/sso/saml/metadata

Save this link in a safe place (such as a Notepad file on your desktop). You will need it to set up SSO in Planning Maestro itself.

Info.png Please Note: Copy this link and save it somewhere secure.

Saving Your Recipient URL

Now, save your Recipient URL. Select the General tab.

O2i.png

Copy the Recipient URL on this page and save it with your Metadata URL. You will need both of these URLs when you set up SSO in Planning Maestro.

O2j.png

Assigning Users

Step 1: To assign users from your company to access Planning Maestro through SSO, select the Assignments tab.

Info.png Please Note: If this user is brand-new and does not have an Okta account yet, add them as a new user in Okta first.

O1j.png

Step 2: On the Assignments tab, click on Assign and select Assign to People from the dropdown menu.

O1k.png

Step 3: An Assign Planning Maestro to People popup appears. Click Assign next to the first user who should be able to access Planning Maestro through SSO.

O1l.png

Step 4: Your work email appears in the User Name field. Click Save and Go Back.

O1m.png

Step 5: The popup returns to the list of users. The user you assigned has an Assigned button. Click Done.

O1n1.png

Repeat steps 1-4 to assign other users.

Step 6: After assigning all necessary users, click Done.

O1o.png

  • The Assignments page lists all users who can access Planning Maestro through your company’s SSO solution.
  • Use the following section to make sure these user’s Okta display names match their Planning Maestro usernames.

Confirming Display Names

Info.png Please Note: If you want to add users who are new to Okta and Planning Maestro, first create the users in Okta. Then, you can assign those users to the Planning Maestro portal.

To assign users to Planning Maestro who already exist in Okta, see the previous section.

Make sure your assigned users’ display names are the same as their Planning Maestro user names. Otherwise, these users cannot access Planning Maestro.

Step 1: On the page for this Planning Maestro app, on the Assignments tab, select the name of any user.

O2c.png

Step 2: The user’s page opens. Select the Profile tab.

O2d.png

Step 3: The user’s profile appears. Click Edit.

O2e.png

Step 4: Scroll down to Display name and make sure this display name is an exact character match for the user’s Planning Maestro User Name.

O2f.png

Step 5: Scroll down and click Save.

O2g.png

Now, see Setting up SSO in Planning Maestro to learn how to use the Metadata URL and Recipient URL you saved from Okta to set up SSO from within Planning Maestro.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.