Totango allows you to set SSO for your users and this Guide is specifically for configuring with Okta.
1) Create Okta SSO application on Okta
2) In Okta, find “General” settings:
3) And configure the following settings:
Make sure that you configure the following:
- Single Sign On URL: https://api.totango.com/auth/saml/login/callback
- Audience Restriction: totango.com
- Name ID Format: Email
- Digest algorithm: SHA256 (default)
- Default Relay State: This would be one of the domains configured in Global Settings under SAML SSO Settings in Totango
4) Now go to the “Sign On” tab in Okta and click on Identity Provider metadata:
5) From the XML copy everything between the two <ds:X509Certificate> tags that you see in the metadata:
6) Open the SAML Settings in Totango (Global Settings>Totango Users, and then go to the third tab General Settings>SAML SSO Settings) and paste it into the ‘Identity provider certificate’ field in Totango (make sure you remove all blank spaces in the data).
7) Enter your Company Domain:
8) Go back to the metadata and now copy the Identity Provider login URL which you will after “Location=”:
Paste it into the Identity Provider login URL field in Totango:
9: FINAL STEP (Very Important): Contact Totango Support and provide us the Okta domain you are using: somecompany.okta.com so that we whitelist it. If you skip this step we will block request from this domain so it is important that we whitelist it.