1

Okta Single Sign-on (SSO) for Vonage Business Communications

2

OKTA SINGLE SIGN-ON (SSO) FOR VBC

Introduction 2

What is Okta? 2

Prerequisites 2

Configuring Okta Single Sign-on 3

Creating an app in Okta 3

Creating a SAML Integration 4

Configuring a SAML Integration 5

IntroductionThis document describes how to configure Single Sign-on for Vonage Business Communications using Okta as your identity provider (IDP).

What is Okta?Okta is a cloud-based identity and access management service, that helps your employees sign in and access resources. Okta enables single sign-on access to cloud applications (like Vonage Business Communications).

Once a user signs into Okta, they can then launch any of their enabled web apps without re-entering their login credentials for each app. Okta establishes a secure connection with the user’s browser and then authenticates the user to login to Okta managed apps via SAML, a pre-integrated, federated authentication protocol.

PrerequisitesAn Okta account is required to configure Single Sign-on using Okta. If you do not have an Okta account, you can sign up for a developer account at https://developer.okta.com/signup/.

3

OKTA SINGLE SIGN-ON (SSO) FOR VBC

Configuring Okta Single Sign-on

Creating an app in OktaWhen you add an app to your Okta applications, one of the single sign-on options available to you is SAML-based single sign-on. To configure Okta for Vonage Business Communications choose SAML.

1. Sign in to the Okta Developer portal using your Okta developer account.2. Navigate to the Applications section using the navigation menu.3. Switch to the Okta Classic UI using the UI selector above the navigation menu.4. Select Add Application. This will open up a search interface for pre-packaged applications.

5. From the Add Application page, click on Create New App.

4

OKTA SINGLE SIGN-ON (SSO) FOR VBC

6. On the Create a new Application Integration window select the following settings.

7. Click Create to continue and use the instructions below to create a SAML Integration.

Creating a SAML Integration

1. In the App Name text box enter the display name for your new integration.

2. Click Next to continue to the next step.

5

OKTA SINGLE SIGN-ON (SSO) FOR VBC

Configuring a SAML IntegrationWhen configuring a SAML integration, you will need to enter the URLs and SP issuer values provided by Vonage Business Communications.

1. Enter the following settings. a. Audience URI (SP Entity ID): vonage-vbc b. Single Sign-On URL: https://login.auth.vonage.com/commonauth

2. On the Feedback tab, select the I’m an Okta customer adding an internal app option (shown below)

3. Once you are done creating an app, you will see the prompt below. Click on View Setup Instructions.

6

OKTA SINGLE SIGN-ON (SSO) FOR VBC

4. The setup instructions window will appear in this view:

5. Open the Vonage Business Communications Single Sign-on Settings page in a separate browser window.6. Copy the values from Okta into your Identity Provider Settings on the Vonage Business Communications

Single Sign-on Settings page.

Okta Setting VBC Setting

Identity Provider Single Sign-On URL Sign-in page URL

Identity Provider Issuer Entity ID

Identity Provider Single Logout URL Sign-out page URL

7. Upload your X509 certificate from the previous section into the Upload Certificate field.8. When you’ve pasted all the values into the appropriate fields, select Save.9. Download your service provider certificate using the Download Certificate button.10. After your Identity Provider Settings have been configured, your Okta application settings require an update

to add a secondary Single Sign-on URL.

7

OKTA SINGLE SIGN-ON (SSO) FOR VBC

11. Navigate back to the Okta Developer portal and sign in using your Okta developer account.12. Navigate to the Applications section using the navigation menu.13. Select your previously created Okta application.14. Navigate to the SAML Settings section on the application details page and click Edit.15. Click Next to open the Configure SAML step.16. Select Show Advanced Settings.17. Select Allow this app to request other SSO URLs.18. Copy the values from your Vonage Business Communications Service Provider Settings on the Vonage

Business Communications Single Sign-on Settings page into your Okta application.

Okta Setting VBC Setting

Single Sign-On URL Sign-in URL (Default)

Requestable SSO URL Sign-in URL (Secondary)

Audience URI (SP Entity ID) Entity ID

Single Logout URL Sign-out URL

19. Upload your service provider certificate into the Signature Certificate field.20. Click Next to save your changes.

● Note: to assign users to your app, please follow these instructions. ● Note: to enable a flexible username format (other than email address),

please refer to these instructions.

TR_SSO-OKTA_0820 | ©2020 VONAGE 8