Who can use this?
Plan: Business, Enterprise (only admins)
Platform: Web
Managed from: Admin Dashboard
Other: IdP account admin privileges
This article describes how to set up Krisp SSO login with OKTA by 2 different flows:
Important
To leverage SCIM, you should use the regular flow.Single sign-on allows you to log in using your company credentials. Krisp's single sign-on (SSO) is based on SAML 2.0.
Check this article to learn more about how you can get started with Krisp SSO.
Krisp SSO Settings
First, go to your Admin Dashboard >>> Settings >>> Authentication. Check the Enable SSO box and click on SAML to open Configure SAML panel. You'll need this info in the further steps. Let's call this Krisp Settings.
Configuring OKTA with Krisp
To configure Krisp with Okta, follow these steps:
- In the Okta dashboard of your organization, go to Applications >>> Applications.
- Click Browse App Catalog.
- Search for Krisp and the search field and click on the result.
- Click Add Integration >>> Done.
- Go to Sign On >>> Edit.
- Go back to Krisp Settings and copy your Team slug and Reply URL from there.
- Paste in the appropriate fields on the opened page on OKTA and click Save.
- Go back to Applications >>> Krisp
Click on the Assign >>> Assign to People option. Assign those who should be able to log in to your Krisp team with SSO to your application.
Click Assign next to the users email >>> Assign and go back >>> Done.
Now the assigned email holders will be able to sign in to their Krisp accounts by using the Krisp team slug and authenticating in Okta accounts.
To configure Krisp with Okta, follow these steps:
- In the Okta dashboard of your organization, go to Applications >>> Applications.
- Click Create App Integration.
- Select SAML 2.0 as the Sign-on method.
Click Next. - You will be led to the General tab of the Application page. Insert the following information there:
- App name: custom name that your teammates will see when signing in. Ex: Krisp
- App logo: the logo of your company in .png, .jpg, or .gif format that can be visible to your teammates when signing in
Click Next. - You will be led to the SAML Settings page. Insert the following information there:
- Single sign on URL: copy the Reply URL (Assertion Consumer Service URL) from Krisp Settings to this field
- Audience URI: a custom name. Ex: Krisp Okta
- Name ID format: EmailAddress
- Application username: Okta username
Specify the following in the Attribute Statements section:
- name: email
- value: user.email
Copy the Audience URI you set in this step to the Audience URI and Identity Provider Issuer fields of the Krisp Settings.
Come back to the Okta Dashboard, scroll down, and click Next. - You will be led to the Feedback window. Pick one of the two options based on your case:
Click Finish. - You will be led to the Sign on Settings in the Okta Dashboard. Scroll down and click on View SAML setup instructions on the right.
- Copy the Identity Provider Single Sign-On URL to the corresponding field in your Krisp Settings.
- Copy the X.509 certificate text to the corresponding field in your Krisp settings.
- Click Configure in the Krisp Settings. - Go back to your Okta dashboard >>> Assignments tab.
Click on the Assign >>> Assign to People option. Assign those who should be able to log in to your Krisp team with SSO to your application.
Click Assign next to the users email >>> Assign and go back >>> Done.
Now the assigned email holders will be able to sign in to their Krisp accounts by using the Krisp team slug and authenticating in Okta accounts.