Set up Krisp SSO with Okta Org-level

Who can use this feature?

Plan: Call Center AI
Managed from: Admin Portal
Users: Org Admin

Org-level Single Sign-On (SSO) lets you configure a single SSO policy that applies across every team in your organization. Once Org-level SSO is in place, you map IdP groups directly to Krisp teams from a single mapping view rather than configuring SSO separately for each team.

Before you begin

  • Make sure your teams are already created in the Admin Portal. IdP groups are mapped to existing teams during setup
  • The shared SAML application setup steps in your IdP are covered in Set up Krisp SSO with Okta. This article focuses on the steps that differ at the org level.

Create the Org-level SSO policy

  1. Open the Admin Portal and go to Policies
  2. Click Set Org-level Single Sign-On (SSO) policy

  3. Follow the SAML application setup steps as described in Set up Krisp SSO with Okta.

  Hint

Org-level SSO setup is identical to team-level SSO setup with one exception: you also need to configure a groups attribute in your IdP so Krisp can map users to teams. The next section covers this step.

Add the groups attribute in your IdP

After completing the IdP setup and clicking Finish on the Sign on page, add a groups attribute so Krisp can identify which IdP groups each user belongs to.

  1. Locate the Show legacy configuration dropdown and click Edit
  2. In the Profile Attribute Statements section, add a new entry:
    • Name: groups
    • Value: the value or filter that matches the groups you want to sync. For example, Equals Test.
  3. Save the configuration.

Map IdP groups to teams

Before users can access Krisp, each IdP group must be mapped to a team.

  1. In the Admin Portal, go to Policies >>> Single Sign-On
  2. Click Manage mappings

  3. Click a team name in the Mappings table to open the Assign IdP groups view, enter the group name, and click Add group.

  Hint

You can also create or assign groups directly from a team. Click a team name in the Mappings table to open the Assign IdP groups view, then enter the group name. Suggestions appear as you type.

Activate the Org-level SSO policy

From the Single Sign-On policy page, choose how strictly the policy is applied:

Option Behavior
Off Org-level SSO is unavailable.
Enabled SSO can be used for authentication. Email authentication remains available as an alternative.
Enforced All users, including Admins, must use SSO authentication. Other login methods are disabled.

 

SCIM setup

Org-level SCIM setup is done in the same way as team-level SCIM setup. For the full steps, see Set up Krisp SSO with Okta >>> SCIM setup.

Have more questions? Submit a request

Was this article helpful?
0 out of 0 found this helpful