Knowledge Base Site24x7 Knowledge Base User Management Single Sign On Migration

            Set up SAML SSO authentication for my Site24x7 account with Okta

            SAML Integration with Okta

            Okta is a secure identity cloud that links all apps, logins and devices into one unified fabric. You must obtain the login URL, logout URL, and the certificate and submit it at Zoho. Site24x7 is a service by Zoho; and use Zoho Accounts for Single Sign-On (SSO).

            Using the pre-configured Zoho App

            1.  Log in to your Okta account
            2. Click Admin in the top-right corner
            3. Click Add Applications under Shortcuts
            4. Search for Zoho SAML
            5. Click Add
            6. Enter your domain name or ZOID and click Done
            7.  Navigate to the Sign On tab
            8. Click View Setup Instructions 
            9.  You can view the Login URL/SignOn URL and the Logout URL/SignOut URL on this page.
            10. Click the link if you want to download the X.509 certificate.
            11.  Configure Single Sign-On URL and Entity ID URLs in Zoho Accounts, as listed below.

            Configure SAML in Zoho Accounts

            You'll need Super Admin access to your Org account before you configure SAML with Site24x7.

            1.  Log in to your Org Admin account.
            2. Under the  Preferences  tab click  SAML Authentication.
            3. Click  Setup Now
            4. Enter the required details:
            • Login URL :  The IdP URL where the user gets redirected to for authentication at IdP.
            • Logout URL : The IdP URL where the user gets redirected to after logging out of Zoho.

              : Tick the checkbox if you need a logout request/response sent to your IdP.

            • Change Password URL: The IdP URL that the user will be redirected to in case they want to change their account's password.
            • PublicKey : The certificate with which Zoho can check the digital signature on the SAML assertion response.

              : Make sure the key is a base-64 encoded .cer, .crt, .cert, or .pem file. We don't accept any other format for the certificate.

            • Algorithm: The algorithm with which the PublicKey is generated.
            • Just In Time Provisioning : Check this tick-box if you want a user from your IdP to be added to Zoho impromptu. We will add them to Zoho after validating the SAML Response and their domain.
            • Zoho Service: Select Site24x7 service from the drop down among different Zoho services so users will land on the service after their login is verified.

            5. Click Add.
            Note: If you chose to send a logout request/response to your IdP, you must upload the logout certificate at your IdP.
            6. You can enable or disable SAML for your organization by using the status drop-down menu.
            7. Click Download to download the metadata file. The metadata file contains information you need to provide to your IdP.

            • Entity ID: is the entity which issues the SAML Request
            • Certificate: You can find this in the ‹ds:X509Certificate› tag in the metadata file. This certificate is used to verify the Logout Request or Logout Response sent from Zoho.

              : You will receive this only if you have ticked the Logout response checkbox.

            • Logout URL: Find the tag ‹md:SingleLogoutService› in the metadata file. This is your required Logout Endpoint to be configured at the IDP.
            • Assertion Consumer Service URL: This URL can be found in the Location element under the tag ‹md:AssertionConsumerService›. This is the URL endpoint where the IdP must send the SAML response to.

              : Zoho only supports email address Name ID format, as specified in the metadata file.

            Updated: 13 Feb 2019 10:30 PM
            Help us to make this article better
            0 2