Okta / Spiral Integration Documentation
Supported Features
The Spiral/Okta SAML integration currently supports the following features:
- SP-initiated SSO (from Spiral, login with Okta)
- Just-in-time provisioning
Here, Spiral is the Service Provider (SP) and Okta is the Identity Provider (IdP). For more information on the listed features, visit the Okta Glossary.
Read This Before You Start
When you configure the Spiral/Okta app, you will be asked whether you’d like disable username/password login to Spiral. If you reply affirmatively, enabling SAML will affect all users of Spiral. Users won’t be able to sign in using username/password; instead, they will be required to access the app using Okta.
If you choose to continuing allowing username/password sign in, users will be able to login to Spiral with Okta or with username/password.
Configuration Steps
Configure the Spiral Application for SP-initiated SSO
- Reach out to the Spiral support team at support@spiralup.co and let them know you’d like to enable an Okta integration.
- In an Okta Admin Account, go to Applications, then select Browse App Catalog, select the Spiral app, and click Add Integration. Select the Spiral App from your list of Applications to start configuring.
- Under General Settings, complete the following information, then click Next:
- Application Label: We recommend “Spiral (SP-initiated)”.
- App Visibility: Choose the option Do not display application icon to users. The app you're currently configuring supports Okta login from Spiral (SP-initiated) and cannot be used to initiate login from within Okta. We'll establish the flow from Okta to Spiral using a Bookmark App once this step is finished (optional).
- Copy the Metadata URL from the Sign On tab and send it to Spiral.
- Under the Assignments tab, add a test user that you can provide Spiral with access to so we can test your integration. Once tested, this is also where you’ll grant users and groups access to Spiral.
Summary of Items to Provide to Spiral:
- Metadata URL for the Application
- Whether or not username/password login should be disabled once Okta has been enabled (see above under “Read This Before You Start”)
- Test user login and password (optional)
(Optional) Create Bookmark Application for Okta-initiated SSO
This step is required if you want Spiral to appear as an app in users’ Okta dashboards.
- In an Okta Admin Account, under Applications, click Applications.
- Click the Browse App Catalog button.
- Search for “Bookmark App”, select it from the list of results, and click Add Integration.
- Complete the information as follows:
- Application Label: Spiral
- URL: This will be provided by Spiral once SP-initiated setup (above) has been configured.
- Application visibility: Leave the box unchecked.
- Click Done.
- From the App page, update the icon with Spiral’s logo to make it easy for your users to know what the App does.
- When ready, assign users under the Assignments tab to show the app in in their dashboards.
User Access Instructions
SP-initiated SSO
- Go to https://app.spiralup.co
- Select Sign in with Okta
- Follow the prompts to sign in.
Okta-initiated SSO
- Select the Spiral bookmark app from the Okta dashboard.
- Sign in to Spiral will happen automatically and Spiral will open in a new tab.
Notes
The following SAML attributes are supported: