SSO Setup with OKTA in Zephyr

Configure Zephyr Application with OKTA


1. Register at OKTA and buy license and login to OKTA

Enter your username and password

Username : XXX
Password : XXX

2. After logging in, click on Admin on the right side of the page.




3. Click on 'Add Applications' and then click on 'Create New App'.




4. Select SAML 2.0 in the create new app window and then click on 'Create'.



5. In the General Settings, provide an application name, choose the logo (if required) and select the available options as you see fit.



6.  In the SAML setting, provide the the Single Sign-On URL, Audience url and application username. Select the Application username as OKTA username, or email id by which you want to validate with zephyr
                     Single Sign-On URL, audience URL copy from the zephyr application (Administration → UserAuthentication System → Single Sign-On Authentication system → Configuration Info)



7. Fill in the required fields and any optional field. After filling in the fields, click on 'Next'.



8. Click on 'Finish'.

On the next page, click on 'View Setup Instructions' and copy the same url's and download the certificate (applications from header menu at Okta, select Application, select Sign on).

Copy the IDP SSO url, Issuer url and download the certificate and configure these in zephyr connection info (Administration → Authentication → Single Sign-On → Connection Info).

  • See the steps in the section below.

How to Create Users and Assign People to Zephyr with OKTA


1.  Click on 'Directory' and then click on people.

2.  Click on the 'Add person' button.




3. After creating assigned users to the zephyr application, users will get an email from okta for to reset their password and users can update their password from the email link and is able to proceed to login.






How to Setup User Authentication to SSO in Zephyr


1. Login as a Manager go to the Administration. Click on authentication and then click on Single Sign-On (SSO).




2. In the SSO URL, SSO issuer id, provide the details which we have copied earlier from OKTA for the following:

  • SSO URL
  • SSO Issuer ID
  • Certificate file

Click save after you've filled in all the required information.


 




3. Now in User management, create the same users as OKTA with the expire credential unchecked and then assign the users to the projects.

4. Now logout as Manager and launch 'http://localhost/flex/html5/login'. This will show the login SSO as home page.



5. In the next page, log in with your OKTA credentials, it will redirect to zephyr without asking for zephyr credentials.