Skip to main content
Sign in

Configure SSO with Okta

  • Updated

This article will walk you through how to set up SSO using Okta for SmartDraw.

Once you logged into the Admin dashboard in Okta, click on Applications.

mceclip0.png

Next, click Browse App Catalog.

mceclip1.png

Search for SmartDraw.

mceclip3.png

Once you found SmartDraw, click Add.

mceclip2.png

Once SmartDraw is added, click on the Sign On tab and click Edit.

mceclip4.png

 

In order to pass Okta groups as part of the SAML response:

  • Select your preferred group filter from the Groups dropdown list (use the Regex rule with the value ".*" in order to send *all* Okta groups to the SmartDraw instance we used in our example) for the attribute.

  • Click Save.

  • Important: At least one group in Okta must match a SmartDraw Security Groups to Allow SmartDraw Access by name for app access to function.

Scroll down to the section for SAML 2.0 and open the link titled Identity Provider metadata.

mceclip6.png

You'll get an XML file that looks something like this:

mceclip7.png

Save this file to your computer using Save As. You can name the file anything you want. You'll be asked to upload it to your SmartDraw account in the next sequence of steps.

 

Login to your SmartDraw account and click on the SSO tab in the left navigation.

mceclip8.png

 

Click on the Import SAML Metadata button.

mceclip9.png

On the next screen, select XML file and browse to the XML file you saved from Okta on your computer.

mceclip10.png

SmartDraw will automatically process the imported file. By default the Everyone group is added. If you set a group filter in the previous steps add those specific groups to the Security Groups to Allow Access section now. In this example, we are using Everyone.

You can double-check the SAML issues and URL and click Save Configuration to enable OKTA SSO.

mceclip11.png

When you're ready to fully enable SSO for every user, make sure you check All all users of the above domains to login using this Saml config and save your settings.

This toggle lets you check your SSO set up before users see it. You can turn it on an off as you need to test things, but it needs to be checked for your users to be able to use SSO with SmartDraw.

 

mceclip1.png

 

Optional: Allow iFrame Embed

Many SmartDraw integrations leverage iFrames to function, and by default Okta does not allow their SSO to load in an iFrame. You may log into SmartDraw via SSO outside of an integration first to work around this limitation.

If you need users to log into SmartDraw from an integration, you must add Trusted Origins for the integration. Here we will use Atlassian as an example.

  • Open Security → API then click on Trusted Origins

  • Click on Add Origin

  • Complete the form

    • Origin name

    • URL for origin (in this example viewpointoffice.atlassian.net

    • Check iFrame Embed

    • Click Save