OKTA Single Sign-on Setup Guide

  • Updated
  • Zingtree supports SAML 2.0 based Single Sign-on (SSO). This lets you require anyone accessing a tree to log in via your Identity Provider and authenticate themselves first. This article will walk you through how to set it up using OKTA

    Setup

     

    1. In Zingtree select Account > Single Sign-on.

    2. Use the orange button to switch between setting up SSO for Authors or Agents

     

    3. In OKTA, open the Admin settings. 

    4. Select the Applications drop-down and then click Applications.

    5. From the Applications page, click Create App Integration

    6. Select SAML 2.0

    7. Enter Zingtree Authors or Zingtree Agents in the App Name field. 

    8. Enter the Single Sign-on URL and Entity ID. We recommend using email for both the Name ID Format and Application username. The completed page should look like this:

    9. Select I'm an OKTA customer adding an internal app and then click Finish

    10. Click View Setup Instructions. 

    11. You'll need the ACS URL, Entity ID, and Certificate to finish setup in Zingtree. 

    12. In Zingtree, click the Next: Enter Identity Provider Data for Authors/Agents button. 

    13. Enter the ACS URL, Entity ID, and Certificate as shown:

     14. Once you've entered all the information click Test Author/Agent Login button. 

    SFSSO18.png



    Enabling SSO for Agents/Authors

    Once SSO is working properly from your test, you can restrict access to any tree as follows.

    1. From Account, Single Sign-on, make sure you are on the Agents/Authors page.
    2. Tick enable Agents/Authors.

      SFSSO17.png

    IMPORTANT: You still need to specify individual trees to restrict access to. Here’s how:

    1. Go to My Trees, and select the tree that you want to require SSO login.
    2. Click Settings > Security, and you’ll see something like this:

      2022-05-05_10-21-53.png

    3. Check Require Login via Single Sign-on (SSO).
    4. Click Update Settings.

    Dedicated Agent Login

    Rather than having Agents go through the Zingtree login page, you can send them directly to your SSO login page. Here’s how:

    1. Go to Account, My Agents.
    2. Give your agents the link from this button:

  • Zingtree supports SAML 2.0 based Single Sign-on (SSO). This lets you require anyone accessing a tree to log in via your Identity Provider and authenticate themselves first. This article will walk you through how to set it up using OKTA

    Setup

     

    1. In Zingtree select Account > Single Sign-on.

    Azure_SSO_Setup_Guide.png

    2. Use the orange button to switch between setting up SSO for Authors or Agents

     

    3. In OKTA, open the Admin settings. 

    4. Select the Applications drop-down and then click Applications.

    5. From the Applications page, click Create App Integration

    6. Select SAML 2.0

    7. Enter Zingtree Authors or Zingtree Agents in the App Name field. 

    8. Enter the Single Sign-on URL and Entity ID. We recommend using email for both the Name ID Format and Application username. The completed page should look like this:

    9. Select I'm an OKTA customer adding an internal app and then click Finish

    10. Click View Setup Instructions. 

    11. You'll need the ACS URL, Entity ID, and Certificate to finish setup in Zingtree. 

    12. In Zingtree, click the Next: Enter Identity Provider Data for Authors/Agents button. 

    13. Enter the ACS URL, Entity ID, and Certificate as shown:

     14. Once you've entered all the information click Test Author/Agent Login button. 

    SFSSO18.png


    Enabling SSO for Agents/Authors

    Once SSO is working properly from your test, you can restrict access to any tree as follows.

    1. From Account Settings, Single Sign-on, make sure you are on the Agents/Authors page.
    2. Tick enable Agents/Authors.

      SFSSO17.png

    IMPORTANT: You still need to specify individual trees to restrict access to. Here’s how:

    1. Go to My Trees, and select the tree that you want to require SSO login.
    2. Click Settings > Security, and you’ll see something like this:

      2022-05-05_10-21-53.png

    3. Check Require Login via Single Sign-on (SSO).
    4. Click Update Settings.

    Dedicated Agent Login

    Rather than having Agents go through the Zingtree login page, you can send them directly to your SSO login page. Here’s how:

    1. Go to Account Settings, My Agents.
    2. Give your agents the link from this button:

  • Throughout 2022 Zingtree will be upgrading customers to our new faster and more modern user experience! Here's how to tell which experience your Zingtree Authors are currently using.

    Log in to your Zingtree Author account and navigate to My Trees. How does your current My Trees page look?

    Zingtree Classic

    2022-02-25_12-24-51.png

    New User Experience

    mceclip0.png

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request