How to set up Okta SSO Authentication in Consensus

This article explains how to set up Consensus inside of Okta

    Add an App

    login to Okta as an admin and go to the applications page. Then click on Add Application

    Now click Create New App

    Screen Shot 2021-05-04 at 9.00.39 AM

    Select Saml 2.0 from the list and click create

    Screen Shot 2021-05-04 at 10.31.06 AM

    Name the app Consensus if you want to use a logo, you can download one here

    Screen Shot 2021-05-04 at 12.39.57 PM

    In the SAML settings page we now need to go get some information from Consensus. 

    Log in to Consensus as an admin. Then go to settings>integrations>SSO. If you do not see SSO as a tab, contact your CSM.

    In the SSO Settings Copy the Entity ID

    now back inside of Okta add in the following information

    Audience URI - Paste in the Entity ID that was copied from Consensus

    Single sign on URL - Use the following format to create the URL https://app.goconsensus.com/sso/auth/signin/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx (the x's represent the hash, and it should match the same as the x's in app.goconsensus.com-xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx)

    If your Okta username is email, then you are good to proceed, if your usernames are domain stripped (e.g. jsmith) then you will need to change it to be the email.

    On the next page select the first option.

    Now click on View setup instructions

    Screen Shot 2021-05-04 at 12.50.47 PM

    and copy the Identity Provider Single Sign-On URL

    Back inside of Consensus, paste the Identity Provider Single Sign-On URL (**OR the downloaded XML file**) into the field titled "Enter URL to your authentication service"

    *NOTE: Consensus recommends using XML file instead of URL. You should only use one method to avoid creating an authentication loop. (If using XML FILE do NOT use URL. If using URL do NOT use XML file in your configuration). 

    Go back and also click on the Identity Provider metadata link and copy the URL of the page that it opens up.

    idpmd

    Back in Consensus paste the URL into "IDP Metadata URL"

    Click Save.

     

    That's all there is to it, as long as the right people are assigned inside of Okta, and they have a user account inside of Consensus.