This article outlines the steps required to set up Single Sign-On [SSO] with Okta authentication. Users can then use Okta authentication to access the Spoke Phone mobile app, desktop app and account portal.
You will need to have an account with admin access to Okta to complete this configuration.
Contents
Complete Spoke Phone SSO setup
Complete Okta user assignments
Create an application on Okta
- Open your Okta admin console in a new browser window/tab
- Navigate to Applications and select Create App Integration
- Choose SAML 2.0 and select Next
- Configure General settings
- Enter an App name such as "Spoke Phone"
- Upload the Spoke logo (Download it here)
- Select Next
- Enter an App name such as "Spoke Phone"
- Configure SAML settings
- Complete the following fields:
Single Sign On URL =https://sso.spokephone.com/saml2/idpresponse
Audience URI =urn:amazon:cognito:sp:us-east-1_QElIJGlYT - Select EmailAddress in the Name ID format field
- Select Email in the Application username field
- Scroll down a little and create three Attribute Statements as follows
- Add an attribute with name firstname, format basic, and select value user.firstName
- Add an attribute with name lastname, format basic, and select value user.lastName
- Add an attribute with name email, format basic, and select value user.email
- Add an attribute with name firstname, format basic, and select value user.firstName
- Select Next
- Complete the following fields:
- Configure Feedback
- Select I'm an Okta customer... optionally complete further fields and click Finish
- Select I'm an Okta customer... optionally complete further fields and click Finish
Complete Spoke Phone SSO setup
- You should still be on the Okta admin page under Applications > Spoke Phone > Sign On
- Select View Setup Instructions
- Copy the entire contents from the IDP metadata field in the Optional section at the bottom
TIP: In chrome browser, you can expand this field using the control at the bottom right to ensure you have copied the entire content. Otherwise select in the field and hit CTRL+A, then CTRL+C to ensure you copy the entire content.
- Create a new text file named SpokePhoneIDP.xml, paste the clipboard contents then save the file
Set up SAML in Spoke Phone
- Go to your Spoke Phone account portal online and login
- Navigate to Other > Advanced and select the SINGLE SIGN-ON tab at the top of the Advanced page
- Enter in a Company Name and select Check availability
- Select Upload and choose the file SpokePhoneIDP.xml you saved earlier
- Complete the SAML Response Mapping in the Spoke Phone Account Portal as follows:
Email =email
First Name =firstname
Last Name =lastname
Complete Okta user assignments
You can now assign Okta users to the new Spoke Phone app created in Okta.
- Ensure the users in Okta that you wish to have access to Spoke Phone have been assigned to the new Spoke Phone Okta ap in Applications > Assignments
- Ensure that each user you wish to have access has a valid user setup in your Spoke Phone account with the same email address used in Okta.
TIP: You can download a list of users to a csv file and manipulate that file to upload users directly into the Spoke Account portal.
- For downloading users from Okta, see https://support.okta.com/help/s/article/Export-Active-OKTA-Users-list?language=en_US
- For uploading users to Spoke Phone see How to bulk-add and invite users to Spoke Phone by email address