How to set up Single Sign-On in Targetprocess with Okta | Targetprocess - Visual management software

How to set up Single Sign-On in Targetprocess with Okta

Step-by-step guide on how to set up Single sign-on integration with Okta

Targetprocess supports most of the SAML 2.0 compatible providers including OneLogin, Okta, Bitium and ADFS 2.0.

Integrating with Okta involves the following four steps:

  1. Adding Targetprocess as an application on the Okta dashboard
  2. Configuring Okta details in Targetprocess
  3. Assigning Targetprocess Application to Users in Okta
  4. Testing SSO in Targetprocess

Detailed steps are provided below.

1. Adding Targetprocess as an application on the Okta dashboard

  • Log in to your Okta Admin account, select 'Applications' tab and then click ‘Add application’

1. Adding Targetprocess as an application on the Okta dashboard

  • Choose “Create New App”

How to set up Single Sign-On in Targetprocess with Okta. Image 2

 

  • Set application name, e.g. “Targetprocess” and click “Next” to proceed to SAML settings

How to set up Single Sign-On in Targetprocess with Okta. Image 3

  • Now you need to log in as administrator to your Targetprocess account and get out your “Single sign on URL” for Okta. In Targetprocess its called “Assertion Consumer URL” and can be found at Settings > Authentication and Security > Single Sign-On.

1. Adding Targetprocess as an application on the Okta dashboard. Image 1

  • Copy the URL. e.g. “https://your_account.tpondemand.com/api/sso/saml2” and paste into ““Single sign on URL” in Okta.

  • Paste same value into “Audience URI (SP Entity ID)”

  • Select “EmailAddress” in “Name ID format” field and “Email” in “Application username”. Result:

How to set up Single Sign-On in Targetprocess with Okta. Image 5

 Now click “Next” and “Finish” on the next screen.

2. Configuring Okta details in Targetprocess

  • On the ‘Sign On’ tab of your application click “View Setup Instructions” to get additional fields for your Targetprocess

2. Configuring Okta details in Targetprocess

  • Copy “Identity Provider Single Sign-On URL” and paste it into “Sign-on URL” field in Targetprocess SSO settings

  • Copy X.509 certificate (including lines with “BEGIN” and “END”) and paste in Targetprocess into “Certificate” field

  • Next you can enable JIT PRovisioning, disable native Targetprocess login form and some users to SSO exceptions list if needed. More information about these settings can be found in “Single Sign-On in Targetprocess” guide.

Targetprocess settings overview:

How to set up Single Sign-On in Targetprocess with Okta. Image 7

3. Assigning Targetprocess Application to Users in Okta

  • After completing the configurations in Targetprocess, go back to Okta to assign the newly added application to your users on “People” tab in application details.

3. Assigning Targetprocess Application to Users in Okta

Also you may use multiple applications assignment available in "Applications" > "Assign applications" menu.

4. Testing SSO in Targetprocess

  • Logout from Targetprocess (click on avatar picture and choose “Logout”)
  • Open your Targetprocess URL in browser - https://YOUR_ACCOUNT.tpondemand.com/. Now two scenarios are possible:
    • if you have disabled Targetprocess login form - browser will redirect you to Okta login page and then to Targetprocess UI
    • if you have mixed mode enabled - you’ll have to to click “Log in using Single sign-on” on Targetprocess login page.

How to set up Single Sign-On in Targetprocess with Okta. Image 9

 

Troubleshooting.

There are following common problems with SSO:

  • Error 404 Not found - this means incorrect URL either in Targetprocess SSO settings or in Okta application settings. Please double-check your settings in Okta and Targetprocess to make sure URLs are valid

  • You’re getting “Sorry, you can't access Targetprocess because you are not assigned this app in Okta” error. To resolve this problem make sure that your user is assigned to Targetprocess application on step 3 and you’re using correct account to login to Targetprocess.

 Other problems are less common and we'd recommend you to check your Okta application log to find out all the details or look into Targetprocess System log.

There are following common problems with SSO:

 

 

Still have a question?

We're here to help! Just contact our friendly support team

Find out more about our APIs, Plugins, Mashups and custom extensions. Join our community of passionate users and even discuss directly with our developers.