Pronto supports SAML 2.0 Single Sign-On (SSO) authentication. This enables users to securely authenticate with multiple applications and websites by using one set of credentials.
This article outlines a series of steps to do the following:
- Pronto users with Administrator privileges can configure Single Sign-On.
- Collect your tenant-specific Pronto application details from Settings -> Single Sign-On page before configuring Okta
Configure Pronto as an application in Okta
- Login to Okta with your admin credentials.
- Click on the Admin button in the upper right corner.
- Click on the Application tab to add Pronto as an application.
- Click on Applications on the left sub-navigation, followed by Create App Integration.
- A pop-up appears “Create a New app Integration”. Select SAML 2.0 and click on Next.
- Create a SAML Integration.
In the General Setting tab, Enter the application name to uniquely identify Pronto application within Okta. Ex: Pronto - Acme.
- In Configure SAML tab, enter details from your Pronto tenant
Single sign-on URL -> This is obtained from Pronto Settings -> Authentication -> Single sign-on configuration page.
Audience URI (SP Entity ID) -> This is obtained from Pronto Settings -> Single sign-on configuration page
Once you get the SSO URL and the Audience URI from Pronto settings, go back to the OKTA configuration page and paste the details as shown below.
- Once the details are entered, scroll down to the "Attribute Statements" section and enter the SAML attributes.
Note: The following SAML Attribute are supported username, firstname, lastname
- Scroll down on the page and click Next to continue.
- On the Edit SAML Integration page, select the second option "I'm a software vendor. I'd like to integrate my app with Okta and click on Finish.
- The newly added application (in this example: Pronto) will show up under the Applications Tab. The status of this application will be Active.
- Click on Application on the left main navigation and click on the App that you created for Pronto authentication.
- Click on the Assignments tab.
- Click on Assign and select the options available based on your setup
a) Assign to People
b) Assign to Groups
to enable OKTA SSO login method. If you do not see users listed, please add users and then add the user can be added.
Configure SAML SSO in Pronto
- Login to Pronto as an Administrator.
- Navigate to Settings -> Authentication and click on Configure under Single Sign-On
- On the SSO configuration page, enter the IDP metadata from the Okta app.
- Use the information generated “How to Configure SAML 2.0 for AcmePronto Application” to complete the set-up on Pronto.
Under Configure SAML, enter the IDP metadata and click on Save and verify to finish the setup.
- Once successfully configured and saved, SSO functionality will be enabled and you will see a confirmation message to the bottom left of the screen.
- Access the Pronto login page and click on the icon below the login button that reads "Single sign on".
- Enter your email address and click on Login. You will be redirected to the OKTA sign in page. Enter your login credentials and click on Sign in. You should be logged in and should be able to see the Pronto Ecosystem page, if you are successfully logged in.