Perhaps you have configured SSO with the preview. My country mobile.com end-point? Learn exactly to upgrade your current setup with all the Flex SSO Migration manual.
Sign up a programmer account in Okta
Generate a program on Okta
Shades are made with Okta.com’s traditional UI. You may swap to vintage appearance having a dropdown at the upper corner. If you would rather modify to Vintage UI, your practical experience may differ from that which is explained from the subsequent informative article, and a few functionalities may perhaps not be reachable.
Staying Inside of Okta, then Make a Software. Navigate to the “Programs” tab and then click on the “Insert app,” after which”Produce New application.” Pick a SAML 2.0 hint online procedure.
Supply the Application Form a title, for example, My country mobile Flex. Publish a descriptive emblem if necessary.
Establish SAML Single-sign-on URL into https://iam.my country mobile.com/v1/Accounts/ACxxxx/saml2.
Establish Viewers URI into https://iam.my country mobile.com/v1/Accounts/ACxxxx/saml2/metadata. Alter the Account SID (ACxxxx) together with your actual Account SID.
The Default RelayState ought to abandon sterile.
The Program User-Name may be an electronic mail, Okta User-Name, or something otherwise exceptional.
Please make sure both the Answer and Assertion are Sign (in Okta, you may see them underneath Advanced Preferences ).
We don’t now encourage Assertion Encryption S O; please place that since Unencrypted.
Promises are key-value pairs that the id Provider claims to become authentic into this applying. Flex employs the following to ascertain the crucial info regarding just about every Flex consumer.
You May configure from specifying a”functions” feature invoices through the Okta button beneath’Attribute Statements’ category, Voice such as this:
For your full_name Price, You’ll Need to leverage Okta’s”Okta Expression Language” syntax to unite a Very First and last name in a few of These manners:
Characteristics of Flex
With all the supplied installment Okta will definitely pass on the next characteristics to Flex:
You really do perhaps not need-to specifically maintain a UserId, because it’s in the petition. Once you have identified the job, Flex will upgrade the Employee features using each powerful SSO authentication.
Once an individual is established, then you have to put in a job significance with their own userType feature in Okta. Available functions are representative, admin, along with the manager.
You can incorporate numerous functions for an individual by dividing their respective functions with commas.
Desire to find out more? Watch the documentation identification Characteristics for more details regarding pruning Characteristics and also other potential Worker features.
Help save Application Info and replicate Software particulars.
If you’re employing an old variation of Flex UI ahead of 0.7.0, abide by move inch. Otherwise, jump to measure two.
Inch. Replicate the Program Hide connection. That really is precisely what you employ to activate Login/SSO and which you just configure on your Flex Agent UI.
Simply click Look at Setup directions.
Copy Id Provider Solitary Sign-On URL, Identification Company Issuer, and Certificate info. Now you want this advice to configure Flex touse this Program.
To assign a recently made program to an individual, browse into applications/Applications’ menu, and then click on the publish Programs button.
Inside this case, whilst the region of the mission procedure, we simplify the default option username as email into your own customized username.
Catch the URLs you noticed in measure four and also set up SSO over the Flex Console solitary Sign-on configuration web page. Be Certain That the My country mobile SSO URL Discipline matches with the value you supply in Okta to get SAML Single-sign-on URL. To find out more regarding migrating out of your preview.my country mobile.com URL into I am. My country mobile.com visit our migration guidebook.
Our Configuring SSO webpage includes detail about what steps to take to best to start login by the own Identity company, the way to log in to a self-hosted domain name, and also details about features which might be identified for every individuality.