Okta is an identity and access management provider that enables frictionless login for enterprise apps. Using Okta, your agents can log in securely without using a password.
1. SAML Provisioning - Provision agents from your Okta account.
2. SCIM support - Keep all your support agents in sync between Okta and HappyFox Chat account.
3. Okta supports both SP initiated and IDP initiated login.
4. JIT User provisioning is supported.
This feature is available on the Scale Plus plan.
Only admin role enabled agents will be able to set up Okta in the HappyFox Chat account.
Setting up the HappyFox Chat app in your Okta account:
1. Log in to your Okta account and follow the steps mentioned below to set up Okta in your HappyFox Chat account.
2. Adding apps in Okta:
You will have to create two apps,
- HappyFox Chat (For Authentication).
- SCIM (For Provisioning).
Get the SSO Account Token to create the HappyFox Chat app,
1. Login to the HappyFox Chat application as an admin.
2. Go to Manage > Security:
3. Set the Enable single sign on to ON.
4. Choose your identity provider: Select Okta.
5. Take a look at the ACS URL value, it contains your SSO Account token. Your SSO Account token is the part of the ACS URL value that is between /sso/ and /acs/okta. (For example, if your ACS URL is https://happyfoxchat.com/api/v1/sso/1a2b3c4d/acs/okta, then your SSO Account token is 1a2b3c4d.)
A. Creating the SAML App:
1. Click on the Application tab and then click "Add Application".
2. Search 'HappyFox Chat' and click 'Add'.
3. In the General Setting tab, enter the SSO Account Token.
4. Click Next > Assign HappyFox Chat app to people (users/agents) > Click Done.
Now before creating the SCIM app, you need to fetch SCIM base URL and Bearer token from HappyFox Chat. Follow the steps below:
1. Go to Applications tab on Okta and Click 'HappyFox Chat' > click Sign On tab> Click 'Identity Provider Meta Data'.
2. Copy-paste this IDP metadata xml inside your HappyFox Chat account’s Manage >> Security >> OKTA Metadata. Click Save. (Go to Single Sign-on from the main menu).
3. Now, SCIM Base URL and SCIM Bearer token will be generated > Copy.
B. Creating the SCIM app:
1. Click on the Application tab and then click "Create new App" and search for "SCIM 2.0 Test App (Header Auth)" in the search box provided in the page.
2. In the general settings, provide an app name (ex: HappyFox Chat SCIM) and click Next.
3. Under Sign-on options select "SAML2.0" and under credentials details select "Email" instead of Okta username and click Next.
4. In the provisioning tab, enable the check box "Enable provisioning features".
5. Now enter the SCIM base url and bearer token in the Base URL and API Token fields respectively.
6. Enable "Create Users", "Update User Attributes" and "Deactivate Users" and click Next.
7. Now SCIM API is validated on successful validation, you can assign people, click Next and Done.
Voila! You have successfully connected Okta to your HappyFox Chat account.
Once done you can start adding agents to your HappyFox Chat account via your Okta account.
Your agents can use Login with SSO link present in the HappyFox Chat's login page and get access to the HappyFox Chat account. Or can also login using via Okta > Applications.