Follow the instructions below to allow your users to sign into Sigstr with Okta.
In Okta’s admin portal, create an app for Sigstr.
In the sign-on settings, do the following:
- Make sure that the Single sign on URL field is pointed to: https://app.sigstr.com/saml/callback
- Check the box for Use this for Recipient URL and Destination URL.
- Make sure the NameID Format is EmailAddress.
- Create an attribute statement of Email with value user:email.
- Can we prevent users from logging in to Sigstr with a username and password, so that they can only log in via SAML or O365? No, not at this time. A user can still log in to Sigstr via OAuth with O365, or through Sigstr's default login page. This integration simply offers an extra route for the user.
- Does signing in from Okta create a new user? Yes and no. If the user already exists in Sigstr, they can be assigned Sigstr in Okta and will be able to log in to the app to edit their profile. If that user does not exist yet in Sigstr, signing in to Sigstr will create the user without any signature fields.
- If new users are created in Sigstr from Okta, will the fields from their Okta profiles sync to Sigstr? No. At this time, we do not map fields from Okta to Sigstr. Users would need to fill in their missing signature data upon logging into Sigstr. Alternatively, if your company is using the Employee Automation API, users would just need to wait for the data to be pulled automatically.
- What if a user signs in with an alternate email from Okta? Users who sign in from Okta with an alternate email address will have a new user automatically created within Sigstr. Okta currently does not have the capacity to recognize our primary_email and alternate_email. If any user exists in Okta and needs to sign into Sigstr, you will want to ensure that his/her primary email address in Okta matches his/her primary email address in Sigstr.
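
To confirm the sign-on settings above and catch the alternate-email case before rollout, the following added example (not Sigstr or Okta code) checks a SAML response against the callback URL, NameID format and Email attribute described on this page. The sample response is constructed and unsigned, the list of Sigstr primary emails is a hypothetical export, and treating the NameID as the address Sigstr matches on is an assumption.

```python
import xml.etree.ElementTree as ET

ACS_URL = "https://app.sigstr.com/saml/callback"  # from the sign-on settings above
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed, unsigned sample; replace with a response captured from a test login.
SAMPLE = f"""<p:Response xmlns:p="{NS['p']}" xmlns:a="{NS['a']}" Destination="{ACS_URL}">
 <a:Assertion><a:Subject>
   <a:NameID Format="{EMAIL_FORMAT}">pat@example.com</a:NameID>
   <a:SubjectConfirmation><a:SubjectConfirmationData Recipient="{ACS_URL}"/></a:SubjectConfirmation>
  </a:Subject>
  <a:AttributeStatement><a:Attribute Name="Email">
    <a:AttributeValue>pat@example.com</a:AttributeValue>
  </a:Attribute></a:AttributeStatement>
 </a:Assertion></p:Response>"""

def check_response(xml_text, sigstr_primary_emails):
    """Return a list of findings; an empty list means the response matches the settings.

    This only inspects fields; it does not verify the XML signature.
    """
    root = ET.fromstring(xml_text)
    findings = []
    if root.get("Destination") != ACS_URL:
        findings.append("Destination is not the Sigstr callback URL")
    scd = root.find(".//a:SubjectConfirmationData", NS)
    if scd is None or scd.get("Recipient") != ACS_URL:
        findings.append("Recipient is not the Sigstr callback URL")
    name_id = root.find(".//a:NameID", NS)
    if name_id is None or name_id.get("Format") != EMAIL_FORMAT:
        findings.append("NameID Format is not EmailAddress")
    attr = root.find(".//a:Attribute[@Name='Email']/a:AttributeValue", NS)
    if attr is None or not (attr.text or "").strip():
        findings.append("Email attribute statement is missing")
    # Assumption: the NameID is the address compared with the Sigstr primary email.
    email = ((name_id.text if name_id is not None else "") or "").strip().lower()
    known = {e.lower() for e in sigstr_primary_emails}
    if email and email not in known:
        findings.append(f"{email} is not a Sigstr primary email; sign-in would create a new user")
    return findings

if __name__ == "__main__":
    for finding in check_response(SAMPLE, ["pat@example.com"]) or ["OK"]:
        print(finding)
```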