In this article, we'll be referencing this URL at a couple of places. You can figure out what to use there by going to Manage Organization > Configuration
If you've custom domain setup on AirMason
- then your Organization URL will be your custom domain (Eg: handbooks.johnsmithweb.com)
- otherwise it will be books.airmason.com/<company-handle>, where <company-handle> is company handle that you've set up. (Eg: books.airmason.com/johnsmith)
Setting up AirMason app on Okta:
- Follow this guide for creating an integration on okta https://developer.okta.com/docs/guides/build-sso-integration/saml2/create-your-app/
- While creating an app, make sure:
2.1. "Single sign on URL" and "Audience URI (SP Entity ID)" are set to https://<Organization URL>/okta/saml2 (replace <Organization URL> with your Organization URL)
2.2. "Name ID format" is set to "EmailAddress"
2.3. Following "Attribute statements" are defined and mapped to correct values: (Note: This is case sensitive)
Connecting Okta SSO app to AirMason:
- Under your newly created Okta app, go to “SignOn” tab and then click on “View Setup Instructions” and copy the following fields:
1.1. Identity Provider Issuer
1.2. Single Sign-On URL
1.3. X.509 Certificate
- Now, login to airmason.com and go to Integrations page
- Select Okta app from SSO applications and click on Connect and set the following params:
3.1. Issuer URL as Identity Provider Issuer value from Step 1.1.
3.2. SAML 2.0 Endpoint as Single Sign-On URL value from Step 1.2.
3.3. Certificate as X.509 Certificate value from Step 1.3.
Testing Okta SSO as employee:
- Go to your Organization URL. It should show you login page for viewing your handbooks
- Click on "Login with Okta"
- It should take you to login using Okta SSO credentials (if you are not logged in)
- Once you log in, it should bring you back to AirMason and you should be able to view handbooks you've access to (similar to what is shown below).