Authentication & User Management
-
- Set up and populate your SaaS stack
- Integrate your ERP & Accounting software with Sastrify
- Tool Discovery via SSO (Single Sign-On) integrations
- Set Renewal Dates & Reminders
- Assign and modify Tool Owners
- Upload your SaaS documents into Sastrify
- Sastrify App Support: Assistance at your Fingertip
- Roll out Sastrify across your organization
- Sastrify's Commitment to Security and Privacy Standards
-
- Google Workspace SSO Integration for Tool Discovery
- Enhance organizational SaaS management with HRIS Integrations
- Summary Tab for storing your subscription details
- Use Discovered Page to detect active subscriptions
- Tools and Spend Importer: Easily upload and visualize data in Sastrify
- Align vendor names using the Tool Matching feature
- Add Sastrify App to your Slack workspace
- Manually add a new tool subscription
- Bulk upload of SaaS invoices
- Forward your SaaS documents via email
- Change notification preferences
- Maximizing the benefits of the Overview page
- Manage activities and collaborate using custom tasks
- Task Automation: Streamline the creation of routine tasks
- Archive or delete inactive subscriptions
-
- Get Expert Procurement Support for New Purchases and Renewals
- Create and Manage Procurement Support using Sastrify - Jira Integration
- Scope of Service: Custom Benchmarking & Contract Review
- Scope of Service: Negotiation & Renewal Support
- Scope of Service: Custom SaaS Optimization Advisory
- Purchase your SaaS through the SastriMarket
- Control your cloud costs with SastriCloud
-
- Utilize Usage Analytics for full usage visibility
- Integrate Pleo with Sastrify
- Validate and fine-tune spend data with the Spend feature
- How to connect Microsoft Dynamics
- How to connect Netsuite
- How to connect Quickbooks
- Import spend data from Candis to Sastrify
- Import spend data from Spendesk to Sastrify
- Import spend data from Pleo to Sastrify
- Import spend data from Moss to Sastrify
- Import spend data from DATEV to Sastrify
- Zoom Usage Analytics Integration Guide
-
- ERP & Accounting Integration FAQs
- Discovery via SSO Integration FAQs
- HRIS Integration FAQs
- Usage Analytics FAQs
- Tools and Spend Importer FAQs
- Invoices FAQs
- Achieved & Potential Savings FAQs
- What is SaaS and Sastrify's scope of work?
- Who can invite a new user?
- Who receives the renewal alerts or reminders?
- How does Sastrify work with currencies?
- Is the spend data from accounting export always up-to-date?
- How to work with benchmark prices
- When and how to involve Sastrify in a contract evaluation or negotiation?
- How does Sastrify interact with SaaS vendors?
- How do you handle confidentiality clauses in vendor contracts?
- Does Sastrify handle SaaS contract termination?
- Why is contract data essential for benchmarking and negotiation support?
-
- Connecting your accounting software with Sastrify
- How to assign Tool Owners
- What Sastrify can do for Tool Owners
- How to set renewal dates
- How to set up a company-wide renewal reminder
- How to keep your tool stack updated
- How to set up, activate, and use a Workflow
- How to invite new users to Sastrify
- How to use Procurement Initiatives for new purchase & renewal
- How to collaborate using custom tasks
- Report issues and track procurement involvements
- Best Practices on how to work with Procurement Initiatives
- How to set up direct usage analytics integration
- How to set up SSO usage analytics integrations
- How to work with the Discovered tab
- How to use subscription tags
- Walk-through of the subscription detail page
Okta SSO Login Configuration Guide Print
Modified on: Wed, 20 Nov, 2024 at 10:22 AM
Applicable to the following Sastrify plans:
Legacy* | Essential | Pro | Platinum |
---|---|---|---|
✔ | ✘ | ✔ | ✔ |
* Legacy includes all plans signed before February 29, 2024.
Sastrify is now included in the Okta integration catalog. Pro & Platinum customers using Okta can securely login to Sastrify directly from Okta, bypassing the Sastrify login page and password management. Streamlined access for greater convenience.
In this configuration guide, you will learn how to configure Okta single sign-on (SSO) login and authentication for accessing Sastrify.
IN THIS ARTICLE
- Step 1: Select the login method in Sastrify
- Step 2: Create an app in Okta and generate credentials
- Step 3: Send the credentials to Sastrify
- Step 4: Create a bookmark in Okta
- Step 5: How to log into Okta from Sastrify
- Frequently Asked Questions
Each step is detailed in the following sections.
Step 1: Select the login method in Sastrify
From your Sastrify app,
- Navigate to Settings > User & Company Data, then locate the Authentication Settings section on the right side of the page.
- Under Authentication Settings, click Edit
- Select "Login with Okta".
- Click "Enable SSO"
After completing Step 5, you will receive a confirmation notifying you that your SSO enablement request has been sent to the Sastrify App Support team. This will trigger an email prompt for you to later send the required information (Step 3) to complete the configuration process.
Now that step 1 is complete, let's move on to step 2 to start generating the required credentials from your Okta account.
Step 2: Create an app in Okta and generate credentials
First, you will need to create an app for Sastrify within your Okta account. To do this,
- Sign in to your Okta organization using your admin account.
- In the admin console, go to Applications > Applications.
- Click Create App Integration.
- Select the sign-in method type "OIDC - Open ID Connect" and the application type "Web Application".
- Make sure you enter the following callback URL https://login.sastrify.com/login/callback as the sign-in indirect URL
After successfully creating the app integration in your org, search for it in the Applications page.
- Click App Integration to open the settings page.
- On the General tab, the Client Credentials section shows the client ID and client secret value for your app integration. Copy to Clipboard button beside each text field.
- For the Issuer URL, click your username in the upper right corner of the Admin Console. The domain will appear in the drop-down menu located directly below the username.
By now you should have all the required credentials: Client ID, Client Secret and Issuer URL.
Proceed to step 3 to send these credentials to our App Support team to complete the configuration process.
Step 3: Send the credentials to Sastrify
Now, simply send all the credentials to Sastrify by replying to the email generated from Step 1.
Once we receive your credentials, our Support Team will begin enabling the SSO login method within an SLA of 2 business days. You will be notified via email once the configuration is fully enabled.
Step 4: Create a bookmark in Okta
This last step can be done immediately after completing step 3. You don't need to wait for Sastrify's confirmation to start creating a bookmark.
Creating a bookmark is also important if you want to log in to Sastrify directly from Okta.
1. Sign in to your Okta organization using your admin account.
2. In the admin console, go to Applications > Browse App Catalog.
3. In the Search... field, enter Bookmark App. Click on the app integration called Bookmark App.
4. Click the "Add integration" to create a new Bookmark App.
5. In the General Settings for the Bookmark App, enter a label for the external application and the URL of the sign-in page for the app provided by Sastrify. Click Done to create the Bookmark App.
Please contact the Support team through your Sastrify app if you would like to have this set up so we can send you the URL parameter needed to configure this.
Learn more about Sastrify App Support in this article.
6. As a final step, make sure that the users who should have access to Sastrify are assigned to this bookmark in Okta by clicking "Assign".
Step 5: How to log into Okta from Sastrify
1. Once Okta has been enabled, you and your team will receive an email to let you know of this change. Click on "Continue to log in":
2. You will be redirected to the Sastrify login page. Please enter your email as usual, and you will be redirected to Okta from there:
Frequently Asked Questions
Q: What type of data does this feature retrieve and consume from my Okta account or environment?
A: The authentication setup process will retrieve and consume the following data from Okta:
User profile information: This includes user attributes such as name, email, user ID, and any other custom attributes you have configured in Okta.
Authentication information: Tokens such as the ID token, access token, and update token are exchanged during the authentication process.
Q: How are these tokens stored?
A: Tokens are securely cached in our identity management database infrastructure as they are typically used for session management and API access control. In addition to the relevant tokens, the authentication process also stores and maintains logs of authentication events, which may include timestamps, IP addresses, and other metadata for security and auditing purposes.
Q: How often is the API called?
A: Every 168 hours i.e. every 7 days
Q: Do you support SAML for Okta?
We currently do not support SAML for Okta.
Q: Do you support IdP initiated flow for Okta?
The Okta SSO does not support IdP initiated flow. As a workaround, you can create a bookmark in Okta as explained in step 4.
Did you find it helpful? Yes No
Send feedback