Supported features
Focal supports both Service Provider-initiated authentication flow (https://app.focal.inc/login/) and Identity Provider-initated flow using Okta SSO Dashboard. Once Okta SSO has been enabled for your Focal organization, it can be made mandatory login method or it can be required only from matching domains (user email domain).
Prerequisites
To configure SSO through Okta you need to:
Be an admin of your Focal organization
Have access to an Okta tenant, and be an application administrator of that tenant
After this, you can create the integration app manually in Okta or install it through the Okta Integration Network (OIN).
Enable the Okta integration
Enabling Okta SSO to Focal consists of three steps:
1. Install the Focal Okta application
Install the Focal Okta application from OIN. Navigate to Applications β Browse App Catalog, search for Focal, and install the application.
Assign users or groups to Focal app in Okta dashboard
Navigate to the Focal Okta Application "General" tab, to inspect the client credentials
2. Connect your Okta to Focal
After creating or installing the Focal Okta application, share the credentials with Focal on the Okta settings page.
The installation will:
enable the Okta SSO for your organization
Steps
Navigate to the Organization settings page and input the required fields
- Issuer URL (https://yourcompany.okta.com, without the -admin suffix)
- Client ID
- Client SecretClick Connect Okta
Log out and test Okta SSO Login
When Okta SSO Login is working you can make it the required login method for your organizations users. The settings toggle "require Okta SSO" targets only your organization domain. So 3rd party collaborators can still login with their own login methods.
Service-Provider initiated login
β
β