User Synchronisation : Okta AD

Joane Bonghanoy
Updated

Okta Active Directory (AD) User Synchronisation enables you to connect your Okta Active Directory to your Phriendly Phishing account. When an individual is configured in your Okta AD they will automatically be synchronised in your Phriendly Phishing account as a Learner. When an individual is removed from your Okta, the individual will be removed from your Phriendly Phishing account. 

Requirements

  1. Super Admin access to your Okta instance is required to create your Okta Application. The Super Admin role has the highest permissions of all the admins within Okta.
  2. If you have already set up an Okta application to allow SSO for Platform Admins please skip to Configure in Phriendly Phishing platform.

1. Create App Integration

  1. Access your Okta Administration application with Super Administrator privileges and switch to Admin.
  2. Navigate to Applications > Create App Integration. okta1.png
  3. Select the radio button SAML 2.0 > Next. okta2.png

  4. Set the App name to Phriendly Phishing  or a preferred name of your choosing.

     

     Set App Visibility to "Do not display application to icon to users".

     

    okta3.png

2. Set-up SAML in Okta

  1. Under Configure SAML, fill out fields with below details.

    • Single sign-on URL : https://launch.phriendlyphishing.com/company_admin/saml/acs

    • Check the box : Use this for Recipient URL and Destination URL

    • Audience URI (SP Entity ID) : PH2System

    • Name ID format : EmailAddress

    • Application username : Email

    • Update application username on : Create and update

     

    okta4.png

     

  2. Click okta6.png
  3. Under Feedback, complete as screenshot below and click Finish. okta5.png

3. Create API Token

  1. In your Okta Dashboard, navigate to Security > API > Tokens > Create token. okta7.png
  2. Enter a value for your API Token and click Create token. okta8.png
  3. Copy the token ID in any text editor. You will need this later. okta9.png

4. Assign Okta Security Group for Phriendly Phishing

  1. Navigate back to the Application created for Phriendly Phishing (created in Step 1).
  2. Click Assign > Assign to Groups. okta10.png
  3. Click Assign > Done

5. Configure in Phriendly Phishing platform

  1.   Important 

    Obtain below information prior in Okta before configuring in Phriendly Phishing

    • Okta URL : Your Okta URL, the URL that you’re using to sign in to OKTA
    • Security Group : Okta group created and assigned in step 4.
    • Authentication Token : Created in step 3.
    1. Log in to Phriendly Phishing, click Settings okta11.png
    2. Navigate to User Sychronisation > Learner Synchronisation > Okta. okta12.png

    3. Expand Okta Synchronisation and fill out details per below screenshot.

       

      AD Security Groups are visible as Segment in Learners page.

       

      okta13.png

    4. Set up frequency to sync as desired.
    5. Set User code as the Unique Identifier. okta14.png
    6. Click okta15.png and  okta16.png.
    7. Preview sample learners list by downloading CSV. 
      okta17.png
    8. If you're happy with the data, proceed to Enable the button. okta18.png
    9. Once sync has completed, it will show under the notification bell as below. okta19.png
       

  Congratulations ! You have successfully synched your learners from your AD via Okta.

Related to

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.