Single Sign On
These instructions are accurate as of May 2015. As Okta may make changes to their user interface at any time you may find that some aspects of this step by step such as button and screen names may not align completely with the Okta app. If you notice any misalignment, please let us know so that we can keep these instructions as up to date and accurate as possible.
- You must have an Okta Administrator account
Step 1 - Download the Skills Base SAML metadata
- Log into Skills Base using your shortcut link
- Click Admin > Authentication
- For “Single Sign-On” select “SAML2”
- Click “Download the Service Provider (SP) metadata for this instance”
- Save the file somewhere for use later
Step 2 - Configure Okta
1. Go to the Administrator dashboard: https://skills-base-admin.okta.com/admin/dashboard
2. Click the "Applications" tab
3. Click "Add Application"
4. Click the green "Create New App" button:
5. Select "SAML 2.0" from the popup dialogue and click "Create":
6. For "App name" enter "Skills Base"
7. Under "App visibility" make sure both boxes are ticked (ie: "Do not display application icon to users" and "Do not display application icon in the Okta Mobile app"), then click "Next"
8. Under "A - SAML Settings" click "Show advanced settings" and enter the following details:
|Single sign on URL||To get this value:
|Use this for Recipient URL and Destination URL||(Tick)|
|Audience URI (SP Entity ID)||To get this value:
|Name ID format||Transient|
|Authentication context class||X.509 Certificate|
|Honor Force Authentication||Yes|
|Attribute statements||GivenName, Basic, user.firstName
Surname, Basic, user.lastName
Email, Basic, user.email
9. Click "Next"
10. You will now need to assign people to the application. Click the "People" tab, then "Assign Application", then select the relevant people for testing. Later you can amend this to include all of the people you would like to access Skills Base.
11. You can now download the Okta metadata for use in configuring Skills Base in the next step. Click the "Sign on" tab of the Skills Base app you created and then click the "Identity Provider Metadata" link to download the metadata.
Additional steps if you are using Okta as a portal
If you are using Okta as a portal to access multiple services you will note that we hid the Skills Base app you created in step 7. This is because you can't access Skills Base via the Okta sign in link. You must access Skills Base using your Skills Base shortcut link which will redirect you to Okta for sign in. For this reason if you are using Okta as a portal and want your end users to have the ability to access Skills Base by clicking the Skills Base item in Okta, you can follow the next steps:
1. Go to the Administrator dashboard (located at /admin)
2. Click the "Applications" menu item
3. Click "Add Application"
4. Click the green "Create New App" button
5. Find the "Bookmark App" app and select it.
6. For "Application label" enter "Skills Base"
7. For "URL" enter your Skills Base shortcut link
8. Ensure all of the other checkboxes are not ticked and click "Next"
9. Assign the people you would like to access Skills Base.
10. Click "Done"
Step 3 - Configure Skills Base
1. Log into Skills Base as an administrator
2. Navigate to Admin > Authentication
3. Select "SAML 2" as the Single Sign On type.
4. Click the "Set up now" button. A text box will appear.
5. Using a text editor like Notepad, open the Okta metadata file that you downloaded in the previous section, copy all of it's contents and paste them into the text box.
6. Click the "Save" button.
Step 4 - Test
1. Log out of Skills Base
2. Use your shortcut link to access your Skills Base instance.
3. You should be taken to the Okta login page
4. Once you have successfully authenticated to Okta you should be signed into Skills Base.
Accessing Skills Base via Single Sign On
To access Skills Base via Okta Sign On, use your Skills Base shortcut link. You will automatically be redirected to Okta for authentication.