SeamlessDesk

Okta SSO Configuration

Okta SSO Configuration #

In this support article, we will discuss Okta and how to configure your SeamlessDesk account to work with your Okta SSO account. 

There are two ways to configure your Okta account. You can use the preconfigured SeamlessDesk application published to the Okta Catalog, or you can leverage the Okta API and use it to configure your account settings. 

Use the preconfigured SeamlessDesk application published to the Okta Catalog (recommended) #

[this section will be included once the SeamlessDesk application is published to the Okta Catalog]

Create your own application in your Okta account #

Step 1 – Configure Initial Application #

Before we begin, please note: you will need to be an Okta administrator to configure Okta to work with SeamlessDesk.
  1. Log in to your Okta account
  2. Once you are logged in, click “Applications” > “Applications” on the left-hand side of the screen. 
  3. Next, click on the “Create App Integration” button in the upper-middle part of the page.
  4. In the pop-up, select “OIDC – OpenID Connect” and then “Single-Page Application,” and click “Next.”
  5. On the next page, you will need to configure the following settings:
    Please note that some fields are required, and some are optional.
    • App Integration name (required) – The name of your application.
    • Logo (optional) – A custom logo for your application.
    • Grant Type (required)– Only select “Authorization Code” and leave all other options unselected. 
    • Sign-in redirect URIs (required) – Replace {companysubdomain} in this URL with the subdomain from SeamlessDesk account and paste the completed the URL into the provided field:  https://{companysubdomain}.seamlessdesk.com/okta/
    • Sign-out redirect URIs (required) – Leave this field blank. 
    • Trusted Origins (required) – Replace {companysubdomain} in this URL with the subdomain from your SeamlessDesk account and paste the completed the URL into the provided field:  https://{companysubdomain}.seamlessdesk.com/

      Please note, do not include the okta/ portion of the URL in this field.
    • Assignments (required) – Select whichever option you’d like. Here is what each option means: 
      • Allow everyone in your organization to access – grants access to everyone, meaning all users in your Okta Directory will have access to SeamlessDesk.
      • Limit access to selected groups – select a specific group of people who will have access to SeamlessDesk. 
      • Skip group assignment for now – you can decide later. Note: users will not be able to log in until you select which users will have permission to access SeamlessDesk.

6. Click “Save.” 

Step 2 – Additional Settings #

Here you will find your application details. Additionally, here you can configure additional settings or make changes to settings that you previously configured. 

  1. Under “General” > “Client Credentials,” copy or take note of the “Client ID.” We’ll need this later. 
  2. Under “General” > “General Settings,” copy or take note of the “Okta domain.” We’ll need this later as well. 
  3. Under “General” > “General Settings” > “USER CONSENT,” please ensure that “Require consent” is toggled. This will force new users to give their consent before being able to log in to SeamlessDesk with Okta.

    Please note that before making changes to these settings, you will need to click the “edit” button at the top right-hand side of the “General Settings” section.
  4. You can choose to configure additional optional settings such as custom Terms of Service, Privacy policy, etc. 
  5. With the edit button selected, go to “General” > “General Settings” > “LOGIN.” Copy the “Sign-in redirect URIs” and paste the URL into the “Initiate login URI” field. 
  6. Click “Save” to update the settings. 

Step 3 – Configure Security Settings #

We will now configure some security settings. 

  1. On the left-hand navigation menu, select “Security” > “API.”
  2. Click on the “Trusted Origins” tab. 
  3. Confirm that the URL for your SeamlessDesk is correct. 
  4. Lastly, the “Redirect” check box will be toggled by default. We need to turn that off. To do that, click the pencil icon next to the SeamlessDesk URL, make any changes to your app name or URL, deselect the “Redirect” box, and click “Save.” 

Step 4 – Configure Okta Settings Within SeamlessDesk #

    1. Login to your SeamlessDesk account. 
    2. Click “Settings” > Scroll to the Integrations Section > Click “Okta (SSO).”
    3. Click the top toggle to enable Okta SSO. 
    4. Paste the “Client ID” and “Okta URL” that you saved from earlier.

      Note: the Okta URL should not include https:// but the exact URL listed in your Okta settings.
    5. Toggle the appropriate settings that you would like to enable (definitions provided below).
      • Create a SeamlessDesk account if user does not exist for your organization. Disabling this feature will require manual account configuration.
        • This means if the user does not exist in SD, this setting, when enabled, will create an account automatically when the user tries and sign in. Agents or Admins will have to manually generate those end-user accounts if you do not enable this setting.
      • Prevent user from logging into SeamlessDesk locally must require AD Authentication.
        • When this setting is enabled, end-users cannot log into SD with a local account.
    6. Click “Save.”

The Sign In With Okta button will now appear on your SeamlessDesk account, and your users will be able to start using it immediately.

If you need any assistance or if you have any questions, please contact SeamlessDesk Support at support@seamlessdesk.com.