Okta SAML

Use this guide to set up Okta SSO SAML for your organization on Popl Teams

Overview

Okta SAML 2.0 is a widely-used authentication protocol that allows users to log in to multiple applications using a single set of credentials. By using this protocol, companies can centralize their user authentication and authorization, reducing the need for multiple login credentials and streamlining the user experience. Additionally, Okta SAML 2.0 provides a secure way to authenticate users, ensuring that only authorized individuals can access company resources.

Using Popl Teams Okta SAML 2.0 capabilities, companies can save time, improve security, and enhance their team's experience, making this integration a popular choice for many organizations using Popl Teams.

Step by Step Guide

  1. Start by logging into an Okta admin account and going to the Okta Application Dashboard. Once there, click on "Create App Integration".

  1. On the next popup, choose "SAML 2.0".

  2. Then input the App name as "Popl". A logo can be added later or you can use this one now.

  1. On the next tab titled Configure SAML, put in the following info:

Single sign-on URL: 

https://us-central1-poplco.cloudfunctions.net/msAutoSync/saml

Audience URI (SP Entity ID):

popl

Default RelayState: Just leave this field blank.

Name ID format:

EmailAddress

Application username:

Okta username

Update application username on:

Create and update

Once the above items are added, scroll down and click "Next".

  1. On the final tab titled "Feedback", mark "I'm an Okta customer adding an internal app". Then click "Finish".

If you see a pane that looks like the below, don't check either box.

  1. You are now all set to assign (provision) users to the Popl Okta SAML app! Users can be assigned individually or via security groups.

Note: Provisioning users via Okta won't actually create Popl digital business cards for each user. To create digital business cards for each user so they can log in with Okta SAML SSO to an already set up digital card, please follow the steps for setting up our Azure AD integration here:

Azure Active Directory

  1. For the final step, please send the "Metadata URL" under the "Sign On" tab to teams@popl.co and we will complete the SAML setup on our end. Our team will send a confirmation email response once this process is complete. To get the "Metadata URL" simply go to the "Sign On" tab and copy the url as shown below!

Logging in with Okta SAML via Desktop

For enterprise-grade security and streamlined access to the Popl dashboard, SAML protocol can be utilized for user login on desktop. To log in via Okta SAML, users can click on the Popl enterprise tile, which should be visible on their Okta dashboard under their "My Apps" if the user is part of the provisioned groups for a particular app. Upon clicking the Popl application tile, the user will be redirected to Popl Teams, where they will be logged in instantly, facilitating seamless user experience and ensuring a secure authentication.

There are two types of logins via a Desktop:

  • IDP-initiated login (SAML): This type of login starts from Okta on the "My Apps" page, which is the identity provider (IDP). When a user logs in via Okta, the SAML Okta app that was created using the instructions above will be used to log the user in.

  • SP-initiated login (SAML): This type of login starts from our dashboard: dash.popl.co, which is us, the service provider (SP). When a user wants to log in via dash.popl.co (SP initiated), they can either use the "Continue with SSO" button or the "Continue with Microsoft" button to log in. The "Continue with SSO" button will use the Okta SAML app to log the user in, while the "Continue with Microsoft" button will use an 0Auth method. Both SAML and 0Auth are fully secure login methods and usually the company admin decides how they'd like their users to log into certain platforms. Note: If when clicking on "Continue with SSO" a user is notified to log in using another method like email/pass, this means that Popl does not have a valid Okta SAML XML file from their particular company domain. For example, if a member is trying to log in using "Continue with SSO" with the email john@popl.co, if we don't have a valid SAML XML file from your company for @popl.co, then a popup will appear telling the user to log in using another method instead.

Logging in with SAML via Mobile App

When users want to log in to their Popl account via the mobile app, they can either tap on the Popl enterprise tile in the Okta mobile app, or use the "Login with Microsoft" option in the Popl app. Both options ensure secure authentication and 2FA enforcement via Okta/Microsoft. The "Login with Microsoft" option is available on the Popl app's login screen.

If any issues or questions, please contact us at teams@popl.co, we are available nearly 24/7 and will get back to you within 6-8 hours or less.

With 🤍 from Popl.

PreviousAzure SAMLNextMicrosoft Outlook Email Signature Add-In

Last updated