Skip to main content

How to: Okta SSO Thoropass Configuration (via Okta Catalog)

C
Written by Claudio Morsella
Updated over 10 months ago

Overview:

This page is a resource on how to configure Thoropass SSO login, using Okta SSO Catalog.

What is Okta SSO Catalog?

Okta SSO catalog is an app store where the Thoropass "SSO Installer Application" can be downloaded.

Downloading Thoropass from the Okta SSO catalog app store, will save considerable time and errors in configuring SSO login with Thoropass.

What is the overall process to configure Thoropass SSO login?

The following diagram illustrates the Thoropass SSO configuration process, which is outlined in more detail below.

Part 1: SSO Metadata URL

  1. Navigate to Thoropass -> Settings -> Authentication and click "SET UP SAML"

  2. Choose Okta from the list and click Continue

  3. In Okta, install Thoropass here in the Okta SSO Catalog

  4. In Okta, copy the Metadata URL provided
    Okta automatically provides a "Metadata URL" once Thoropass is installed.

  5. In Thoropass, paste the Metadata URL and click Continue​

  6. (Optional) To add Thoropass to your SSO Provider Dashboard screen, copy the Relay State URL in Thoropass and add it to the Okta -> Sign On -> Default Relay State Field.

Part 2: Specify SSO Domains

  1. Type a URL domain in the input field and press "Enter"

    1. Enter domains in the format: MyDomain.com

    2. Multiple domains can be added following the steps above
      Ex: (MyDomain.com) (MyDomain02.com)

    3. Click Continue

Part 3: Test SSO Login & Enable Thoropass SSO

  1. Use the "TEST URL" to confirm the SSO config works before enabling:

    1. Copy the "TEST URL"

    2. Open the URL in an Incognito browser window and attempt SSO login
      The TEST URL will automatically redirect to your SSO login
      If SSO login is successful, you will navigate to the Thoropass application

  2. Click the "Confirm" checkbox IF the Test URL login was successful

  3. Click “Configure” to enable Thoropass SSO login for your organization
    Once enabled, the Thoropass login page (login.thoropass.com) will redirect all users with the email domains you provided, to your SSO login. Only provisioned users for Thoropass, in your SSO provider, can log in.

FAQs

  1. How to disable SSO login and Re-Enable Standard Login?

    1. Navigate to Thoropass -> Settings -> Authentication

    2. Select "Disable" in the SAML SSO Login and follow the prompts

    3. Standard login will be automatically enabled

    4. Navigate to Settings -> Users and "Reinvite" ALL users in the list

      Important Note: Once SSO is Disabled, No users will be able to login again until they are "reinvited", including the Admin who is disabling SSO.

Did this answer your question?