The article explains how Brevity integrates with Okta for Single Sign-On (SSO) authentication. It outlines the setup requirements, supported features, testing procedures, and how user access works with this integration. Here's a detailed breakdown:
Prerequisites
Users can be automatically added to specific teams within Brevity based on their email addresses.
Brevity Admin/ Account manager can configure this feature by setting up rules based on your organization's email domain(s) (e.g., `@yourcompany.com`).
Important Note for Existing Brevity Users: If you're an existing user of Brevity, once you log in successfully using SSO with Okta for the first time, you must use SSO for all future logins.
The traditional login method (e.g., using a password directly on Brevity's login page) will no longer work after your first SSO login.
Supported features: IdP-Initiated SSO
- Brevity supports Identity Provider (IdP)-initiated Single Sign-On. Login can only be started from Okta (the Identity Provider), not from Brevity's login page.
- Access Method:Users must access Brevity by logging into their Okta dashboard and selecting the Brevity application from there.
How to add Brevity application from the Okta Catalog?
- Access Okta Admin Console
- Sign in to your Okta admin dashboard using your administrator credentials.
- Navigate to App Catalog
- Click on “Applications” in the main menu
- Select “Applications” from the dropdown
- Click “Browse App Catalog”
- Find Brevity
- In the search bar, type “Brevity”
- Click on the Brevity application tile when it appears
- Add Integration
- Click the “Add Integration” button
- Follow the configuration wizard
Brevity SSO Configuration
Team administrators can enable SSO for their team and copy their Okta app instance Issuer URI and x509 certificate to SSO settings in Brevity Teams page.
How to test the integration
To ensure that the Brevity and Okta integration is set up correctly:
- Navigate to Okta Dashboard: Log in to your Okta end-user dashboard using your Okta credentials.
- Access Brevity via Okta: Click on the Brevity application tile provided in your Okta dashboard.
- Automatic Login Verification: You should be automatically logged into Brevity without needing to enter additional credentials.
User Access Behavior
- All users must access Brevity through the Okta dashboard moving forward.
- New Users: When a new user (who doesn't have a Brevity account yet) logs in via Okta for the first time, an account in Brevity is automatically created for them. This simplifies onboarding, as there is no need for manual account creation in Brevity.
- Existing Users: Before First SSO Login, they can continue using their usual login method (e.g., username and password on Brevity's login page).
After First SSO Login
- Once they log in using SSO through Okta, they must continue to use SSO for all future logins.
- Traditional login methods will no longer be available to them.
Email Address Matching:
- The email address associated with their Okta account must be the same as the one registered with their existing Brevity account. This ensures that Brevity can correctly link the Okta user to the existing Brevity user account.
The following SAML attributes are used by the integration:
Attribute | Value |
FirstName | user.firstName |
LastName | user.lastName |
user.email |
Comments
0 comments
Please sign in to leave a comment.