This article describes how to setup Krisp SSO login with Okta. Single sign-on allows you to login using your company credentials. Krisp's single sign-on (SSO) is based on SAML 2.0.
Prerequisites
- Platform: Windows, Mac, Chrome
- Krisp account plan: Enterprise
- Krisp Team Admin privileges
- Single Sign-On enabled for your team
- Okta account admin privileges
Configuring Okta with a custom app
First, go to your Krisp team web dashboard >>> Settings >>> Enable SSO and check the Configure settings. You'll need this info in the further steps. Let's call this Krisp Settings.
To configure Krisp with Okta, follow these steps:
- In the Okta dashboard of your organization, go to Admin.
- Go to Applications >>> Add Application.
- Click Create New App
- In the Create a New Application Integration window select:
- Platform: Web,
- Sign on method: SAML 2.0
Click Create - You will be led to the General Settings page. Insert the following information there:
- App name: custom name that your teammates will see when signing in. Ex: KrispAppSSO
- App logo: the logo of your company in .png, .jpg or .gif format that will be visible to your teammates when singing in
Click Next - You will be led to the Configure SAML page. The following information should be inserted there:
- Single sign on URL: copy the "Reply URL (Assertion Consumer Service URL)" from Krisp Settings to this field
- Audience URI: a custom name. Ex: MyKrispOkta
- Name ID format: email address
Specify the following in the Attribute Statements section:
- name: email
- value: user.email
Scroll down and click Next - You will be led to the "Feedback" page. Based on your use case, pick one of the two options:
Click Finish - Copy the Audience URI you defined in step 6 to both the "Audience URI" and "Identity Provider Issuer" fields of your Krisp Settings.
- In the Okta Dashboard, you will be led to the Sign on Settings. Click on "View setup instructions".
- Copy the "Identity Provider Single Sign-On URL" to the corresponding field in your Krisp Settings.
- Copy the X.509 certificate text to the corresponding field in your Krisp settings.
- Save the changes in your Krisp Settings. - Go back to your Okta dashboard >>> Assignments tab.
Click on the Assign button and pick the "Assign People" option. Add the emails of your employees who should have access to the SSO.
Now the assigned email holders will be able to sign into their Krisp accounts by using the Krisp team slug and authenticating in Okta accounts.
Check this article to know how you can get started with the Krisp SSO.