This guide will walk you through how to setup Single Sign-On between Expiration Reminder and Okta.
Setting up Okta
To configure Okta, first add the Expiration Reminder app into your account. For this, click on Applications on the top menu and then click on Add Application.
The search for Expiration Reminder and then click on Add.
On the add wizard, follow the steps and leave all the default information.
Click on Applications again on the top menu, look for Expiration Reminder and click on it.
Click then on the Sign On tab.
Then click on View Setup Instructions.
A screen will appear with all the details needed for Expiration Reminder.
Identity Provider URL
Identity Provider Issuer
Configuring SSO in Expiration Reminder
To configure SSO in your Expiration Reminder account, on the top menu click on Your Name in the top-right corner, then on Settings from the drop-down menu.
Then click on Features on the left menu.
Then click on Configure SSO/SAML.
In the SSO screen configure the following fields:
Issuer: this is usually the Identity Provider URL provided by Okta. If possible, Expiration Reminder will try to get the sign on url, the sign out url and the certificate automatically from this metadata url. For OneLogin, this the url you just copied.
Single Sign On (SSO) url: this is the url users will be redirected to for login in. This is Identity Provider Single Sign-On Url provided in Okta.
Single Log Out (SLO) url: this is the url provided by your Identity Provider for signing out.
X.509 certificate: this is the certificate provided by your Identity Provider to authenticate the login request.
Enable for Users: This will allow users in Expiration Reminder to be able to use SSO to login to the application. They’ll still be able to use their own Expiration Reminder password if they’d like to.
Enforce SSO login: This option will prevent users from using their Expiration Reminder password to login and will force them to use the credentials from the Identity Provider.
Click Update to save your settings.
For setting up the SSO on Okta using Expiration Reminder's information:
The ACS URL is: https://app.expirationreminder.net/sso/metadata
The Entity ID is: https://www.expirationreminder.net/