In this article, we go over how to set up OKTA PostBeyond application integration.
Pre-requisites
Before getting started, make sure that you have created your Okta account. Once created, add the PostBeyond application in Okta.
OKTA PostBeyond Application Integration Set-up
Supported Features
The Okta/PostBeyond SAML integration currently supports the following features:
IdP-initiated SSO
Configuration Steps
1. Contact the PostBeyond Support team and request that they enable SAML 2.0 for your account.
2. Provide PostBeyond with Metadata file & 3 Attributes Variable Names
A. Metadata file.
Can be found in the Application > Sign On tab
B. The 3 attribute variables.
PostBeyond needs these 3 attributes:
First Name
Last Name
Email
In Okta, go to Directory > Profile Editor > (and beside the OKTA application) Profile:
NOTE: We recommend not creating attributes in the PostBeyond application. If you have, please remove them as we will pull the attributes from your general OKTA set-up.
From there, please provide us with the variable names for:
User first name
User last name
Email
3. Add your subdomain
In Okta, select the General tab for the PostBeyond app, then click Edit.
Enter the subdomain into the Subdomain field. This is the subdomain you have arranged with PostBeyond (i.e. https://(your-subdomain).postbeyond.com)
Click Save.
OPTIONAL: To send groups as a part of SAML assertion:
In Okta, select the Sign On tab for the PostBeyond app, then click Edit.
Select the appropriate filter from the groups dropdown menu and type the preferred value into the field.
Click Save.
IMPORTANT: for the grouping to work your company's internal directory has to match the PostBeyond group set-up identically. If it does not, we recommend not performing this step as it can cause complications.
Step 4: PostBeyond to Complete the Process Internally
After you have sent PostBeyond with the Metadata file & three attribute variables, PostBeyond will finalize the process and provide you with an expected date of completion. This process can take up to 3 weeks to complete as it will need to be funnelled into the upcoming sprint.
Step 5: Testing & Troubleshooting
Immediately after the process is completed, make sure to test logging in from the OKTA directory. If you run into any issues, please contact your CSM to being troubleshooting.