How to set up Okta SSO Authentication in Consensus

This article explains how to set up Consensus inside of Okta

    Add an App

    login to Okta as an admin and go to the applications page. Then click on Add Application

    Now click Create New App

    Screen Shot 2021-05-04 at 9.00.39 AM

    Select Saml 2.0 from the list and click create

    Screen Shot 2021-05-04 at 10.31.06 AM

    Name the app Consensus if you want to use a logo, you can download one here

    Screen Shot 2021-05-04 at 12.39.57 PM

    In the SAML settings page we now need to go get some information from Consensus. 

    Log in to Consensus as an admin. Then go to settings>integrations>SSO. If you do not see SSO as a tab, contact your CSM.

    In the SSO Settings Copy the Entity ID

    Screenshot 2024-03-22 at 9.47.42 AM

    now back inside of Okta add in the following information

    Audience URI - Paste in the "Entity ID" that was copied from Consensus

    Single sign on URL - Paste in the "Single Sign On URL" from Consensus. 

    If your Okta username is email, then you are good to proceed, if your usernames are domain stripped (e.g. jsmith) then you will need to change it to be the email.

    On the next page select the first option.

    Now after creating your new application,  visit the "Sign On" tab and scroll down to Settings. 

    Copy the Metadata URL from either the settings section, OR from the Active SAML Certificate. 



    if you choose this approach, you'll need to first view the metadata, which opens a new tab, and then you'll need to copy the URL for that metadata. 


    Back inside of Consensus, paste the Metadata URL into the field titled "IDP Metadata URL"

    *NOTE: You should only use one method (XML File upload or direct metadat URL) to avoid creating an authentication loop. (If using XML FILE do NOT use URL. If using URL do NOT use XML file in your configuration). 

    Please make sure the "Enter URL to your authentication service" field is left blank. 



    That's all there is to it, as long as the right people are assigned inside of Okta, and they have a user account inside of Consensus.