Configuring SSO for Okta

The Clumio service can integrate with Okta for seamless user authentication. Please follow the below steps to configure Okta IDP as a Single Sign On service for Clumio. More details about the Clumio App here.

Prerequisites

Ensure that you have the following before you start configuring Okta**

  • Okta account with admin privileges
  • Clumio account with Super Admin Role

Supported Features

Enable Okta Integration with Clumio

In Okta

  1. Open the Okta Admin console.
  2. Go to Applications.
  3. Browse the App Catalog and search for Clumio.
  4. Click Add.
  5. For the Application Label, name the application Clumio.
  6. Click Done and assign the application to the users.
  7. Click the Sign on tab.
  8. Click Edit. Under Advanced Sign-on Settings, you will see three fields for Audience Restriction, Assertion Customer Service (ACS) URL, and Recipient URLs. 

Screenshot

  1. Get the Audience Restriction, Assertion Customer Service (ACS) URL, and the Recipient URL from Clumio (see step 4). Copy them here and click Save.
  2. The metadata URL can be retrieved from the SAML2.0 section under the Sign-On tab. You can either download this and save it as XML or directly use the link within Clumio. 
    Screenshot_2023-04-26_at_1.12.13_PM.png
    13. The Okta side configuration is complete.

In Clumio

  1. Log in to Clumio.
  2. Navigate to Settings > Access Management > Authentication (SSO/MFA)
  3. Click on "Configure SSO" under Strategy
  4. Copy the Audience Restriction, Assertion Customer Service (ACS) URL, and the Recipient URL. This will be needed for the IdP side setup. 
  5. Scroll down and upload the metadata retrieved from the IdP. You can use the URL, upload the metadata XML file, or configure it manually. 
  6. Now click on "Save Configuration"
  7. Click on "Test with my Account" - This should open a new tab to test the SSO connection.
  8. Once the above step is successful, click on Activate SSO. Please note that this step is important for SSO enablement.
  9. Check the box to send emails if you wish to notify all users of the SSO enablement, else click enable.

Note: For any user to utilize Clumio login through Okta SSO, the user needs to be explicitly added from the Clumio UI; Settings > Access management > Users and should be assigned to the Clumio SAML Application created in Okta.