This feature is available in Lucy 4.6 or newer version.
This article describes the basic settings for integrating Okta into Lucy. More information can be found on the Okta website at https://www.okta.com/products/single-sign-on
Additional information about what SSO in Lucy is designed for can be found here.
1. Register an account with Okta and login to Admin portal
2. Go to the Applications > click "Create App Integration"
3. Add a new application with the following settings:
4. Click "Show Advanced Settings" and add the following settings:
5. Once the initial configuration is finished, go to the Sign On tab, click the Edit button in “Settings” and in the Default Relay State add “https://yourdomain.com/admin/campaigns“(without the quotes).
where 'yourdomain.com' is your Lucy's admin domain name
Then click Save.
6. On the Sign On tab click the "View Setup Instructions" button.
To enable Single sign-on in Lucy you will need Identity Provider Issuer, X.509 Certificate and IDP metadata.
1. Open Lucy Admin console
2. Navigate to the SSO Configuration page (Settings > SSO Configuration)
3. Click the option "Enabled"
4. Chose Protocol: "SAML 2.0"
5. Fill in "Identity Provider Endpoint" with the Identity Provider Issuer provided by Okta (e.g. http://www.okta.com/<unique_id>)
6. Download X.509 Certificate file provided by Okta, copy Thumbprint data from the certificate and paste it into Identity Provider Certificate Thumbprint field
7. Save the IDP metadata provided by Okta to an XML file and upload it into Lucy's Identity Provider Server XML metadata field
1. Go to Okta Admin portal
2. Navigate to the Directory > People page
3. Add at least one person corresponding to the Administrator account in Lucy (must be the same e-mail address)
4. Assign the recently added application to the user
5. Use "Login with single sign-on" button on the Lucy's Login page to login using Okta