Setup of Okta is relatively straightforward. The overall process is as follows:
- Create your company account at Clear To Go! (CTG). The user that does this will be the administrator on the account and can perform the actions needed here.
- Ensure CTG staff has configured your account to enable SAML. Open a ticket at firstname.lastname@example.org if this has not been discussed and completed.
- Follow the instructions here to create and configure a SAML Application.
- Copy information from Okta to CTG. Copy information fron CTG to Okta.
- Your users should now be able to enter CTG from your portal.
All configuration of Clear To Go is done within the administration menu: "SAML Integration". You can find this in the drop down under your name in the top right corner. If you do not see this, then step 2 above was not completed.
1. Okta Application Setup
In Administration, click on on Applications. Click on Add Application.
In the search box, enter SAML. In the results pane, select "SAML Service Provider"
On the next page, click "Add"
Name your application, "Clear To Go" and click Next.
In the setup screen, leave Default Relay State as is. Expand the Attributes section. From here, copy the claims CTG needs to operate. The minimum is email, first name, and last name. In CTG, the claims are emailaddress, givenname, and surname, respectively. See below:
From here, scroll down to Advanced Sign-on Settings. You need to fill in the two fields with data from CTG under the section SAML SP Information. Copy the Reply URL from CTG into the Assertion Consumer Service URL and the Identifier into Service Provider Entity Id.
The remaining defaults are correct.
At this point, information from Okta needs to be copied into CTG. Look for the button "View Setup Instructions" in the Sign On form.
Click that button. On the result page some information is displayed. Item #3 is the IP Certificate. Click on "CLICKING HERE" to download the certificate. This is a text file that can be opened in any text editor. Open the file up and copy the contents. Within CTG under the section SAML IdP Information, look for the Certificate field and paste the contents into that field.
If only first name, last name, and email are provided by Okta (according to the attributes specified in the Okta setup), then a default role will need to be selected. Under Default Role, select an appropriate role that will be assigned to all users.
At this point, you should be able to log in from your Okta account into Clear To Go. If so, follow normal Okta configuration to setup and assign your users to the new app.