Okta SSO - Setup

Resources


GETTING STARTED - Okta SSO

In this tutorial, you'll learn how to integrate WestFax with Okta's Single Sign on solution.
When you integrate WestFax with Okta, you can:

  • Control who has access to the WestFax platform.
  • Enable your users to be automatically signed-in to WestFax with their Okta SSO accounts.
  • Manage your accounts in one central location.

Prerequisites

To get started, you need the following items:

Configuring WestFax for SSO

If you have enabled SSO/AD with WestFax you are just a few steps away from enabling single sign on with WestFax.

Here are the steps to get your SSO setup with WestFax:

In order to utilize SSO and Active Directory sync you must have SSO enabled on your account. Contact your account manager and ask them to activate this functionality. There may be some setup fees involved. Your account manager can walk you through the process and provision your account.

After you are SSO enabled you will want to login to the admin tool and go to the SSO tab and you should see a screen like this:

SAML Config

There are three values here you want to copy for use in the Okta setup:

Consume Endpoint: https://home.westfax.com/login/Consume/YourProviderId
Redirect Endpoint: https://home.westfax.com/login/sso/YourProviderId
Metadata Endpoint: https://home.westfax.com/login/metadata/YourProviderId

You will need these values later. Copy them somewhere for use.

At this point you need to log in to Okta Admin panel for your organization at login.okta.com. With the values you copied above you will add a connection to WestFax's SSO provider.

Here are the steps:

  1. Login to Okta Admin Dashboard
    With your admin account log into the Okta Admin portal cloud website.
  2. Go to Applications -> Applications

    Okta Image 1
  3. Click "Create App Integration"

    Okta Image 2
  4. Click SAML 2.0 and Click Next


    Okta Image 3
  5. Set App Name and Logo


    Enter WestFax for the name and here is a logo you can use if you like. Click Next Okta Image 4
  6. Copy values from WestFax into the Okta SAML Settings Page
    Copy the values from the first step into the settings page for the Okta SAML Settings.

    Okta Image 5

    For the fields enter the following:
    1. A - Single Sign On URL: https://home.westfax.com/login/Consume/YourProviderId
    2. B - Audience URI (SP Entity ID): https://home.westfax.com/login/metadata/YourProviderId
    3. C - Name Id Format / Application Username: Email Address / Email (You can use other fields as well. Contact WestFax for guidance if you need it.


    Download your x.509 Certificate to a secure location for use in the next step.
    Okta Image 5.5

  7. Click Next and finalize the setup

    On this page just click "I am an Okta customer adding an internal app" and click Finish to complete
    Okta Image 6

  8. Click "View Setup Instructions" in the yellow box


    Okta Image 7

  9. Copy first two values to notepad

    Okta Image 8

    You need to copy the complete Identity Provider Single Sign-On URL for later use and for the Identity Provider Issuer just copy the unique code after the http://www.okta.com/{uniquecodehere}

Now you will want to copy the two values from the Previous step into the WestFax SSO panel. Then we'll also add your Okta x.509 certificate as well. You will need to login to the WestFax Admin panel first and click on the SSO section.

Here is the screen you will add your settings.

Okta Image 9

Needed Settings:

A - Login Endpoint - This comes from the previous step (Identity Provider Single Sign-On URL).
B - Client Id (App Id) - This comes from the previous step (Identity Provider Issuer snippet).
C - Certificate x.509 - This is the certificate file you previous downloaded (*.cert file). Click upload, select your certificate that you downloaded previously.

When you are done click Save Settings.

You are now setup for SSO!

You will want your team to login using the Redirect Login link which is usually

https://home.westfax.com/sso/login/YourProviderId

If you have any questions please reach out to us directly at 303-299-9329 or contact your account manager.

Get your SSO and Fax platform integrated today!

What is Single Sign On (SSO)?

Single sign on (SSO) is an identification method that allows users access to multiple applications / websites with one set of credentials. The integration of SSO within an enterprise makes password management easier and improves security as workers access applications that are on-premises as well as in the cloud.

WestFax SSO integration allows for seamless sign-on to the Fax Console and makes fax provisioning and permissions management simple.

What is Active Directory Sync?

Active Directory Synchronization is a light-weight application installed on the customers computer that enables simple synchronization of users and fax lines.

An admin creates Security groups for each fax line and then adds and removes users to that group. Each group is bound to a fax number in the WestFax portal. Users can belong to several Security groups which would grant them access to multiple fax numbers.

Need to remove access? Just remove the user from the Security group and they no longer have access to the fax number.