Okta Integration with Mandatly
Integrating Okta with the Mandatly application streamlines user authentication by enabling Single Sign-On (SSO). This integration allows users to access the Mandatly application using their Okta credentials, enhancing convenience and security. Once configured, users can log in to the Mandatly application with a single set of credentials managed through Okta, reducing the need for multiple passwords and improving the overall user experience.
Follow the steps given below:
- Log in to your Okta account.
- Navigate to Directory -> People -> Add person.
- Add all users who require access to the Mandatly account.
Note: If the intended users for Mandatly are already established in Okta, you may skip steps 2 and 3.
- Navigate to Applications -> Applications -> Create App Integration.
- Select the Sign-in method = OIDC - OpenID Connect and Application type = Web Application and click on the Next button.
- Name your App integration as MandatlyApp and add Mandatly’s logo in the Logo field.
- Ensure that the Authorization Code is set as the Core Grant Type.
- Enter Mandatly’s login URL in Sign-in redirect URLs:
https://<tenancyname>.mandatlyonline.com/account/login
- Select the Controlled Access type as per your requirement.
- If you select Allow everyone in your organization to access, turn off the Immediate access with Federation Broker Mode.
- Click on the Save button.
- Navigate to General Settings section -> Edit -> Grant Type -> Advanced.
- Select Implicit (hybrid) and Allow ID Token with implicit grant type if you want your Response Type to be id_token.
- Select Implicit (hybrid) and Allow Access Token with implicit grant type if you want your Response Type to be token.
- If you do not select the other grant type, set the Response Type to be Code.
Note: The Response Type setting is configured in the Mandatly system -> Administration -> Settings -> External Login Settings.
- Navigate to Login section -> Login initiated by.
- Select Either Okta or App in Login initiated by.
- Select Display application icon to users in Application visibility.
- Select Redirect to app to initiate login (OIDC Compliant) in Login flow.
- Enter the Initiate login URL:
https://<tenancyname>.mandatlyonline.com/account/login?OID=1
- Click on the Save button.
- Copy and securely save the Client ID and Client Secret for use in your Mandatly account.
Note: After the application has been created, you can assign it to the existing users by navigating to Directory -> People.
- Log in to your Mandatly account.
- Navigate to Administration -> Settings -> External Login Settings.
- Uncheck the “Disable External Login” checkbox.
Other features:
- Auto generate new user: The system will automatically generate a new user in Mandatly if any user is created in Okta after the app integration.
- Visible External Login Button on Login Screen: Display the login button on the login screen even when the user directly accesses the Mandatly portal URL.
- Enter the Client Id and Client Secret as copied from your Okta account.
- Enter https://<oktasubdomain>.okta.com in Authority (okta issuer) and https://<oktasubdomain>.okta.com/oauth2/v1/authorize in Login URL (okta authorization_endpoint).
Note: Replace <oktasubdomain> with your actual Okta subdomain.
- Navigate to User Management.
- Enable the New registered users are active by default setting. This automatically activates the users created after the app integration.
Note: This setting is applicable when the "Auto-generate new user" option has been enabled in the External Login Settings.
- Click on the Save button to save the External Login Settings.
- To log in to your Mandatly Portal, open the Mandatly Portal URL -> External Login.
- You will be redirected to the Okta login screen.
- Enter your Okta credentials and click on the sign in button.
- You will be redirected to the Mandatly Portal, and the user will be registered in Administration -> Users grid.
You have successfully integrated Okta with your Mandatly account. You may now utilize the Single Sign-On (SSO) functionality.
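The values entered on the Okta side and the Mandatly side have to agree (redirect URL, Login URL, and Response Type versus the grant types enabled in Okta). The following is an added example, not code from Mandatly or Okta, that checks those values for consistency and then builds a standard OIDC authorization request from them. The dictionary keys, the `openid` scope and the sample values are assumptions; the page does not document the exact request Mandatly sends.

```python
import secrets
from urllib.parse import urlencode, urlsplit

# Mandatly Response Type -> Okta option it depends on (hypothetical key names).
REQUIRED_OKTA_OPTION = {
    "code": "authorization_code",
    "id_token": "implicit_id_token",    # Implicit (hybrid) + Allow ID Token
    "token": "implicit_access_token",   # Implicit (hybrid) + Allow Access Token
}

def redirect_uri(cfg):
    return f"https://{cfg['tenancy']}.mandatlyonline.com/account/login"

def check_settings(cfg):
    """Return mismatches between the Okta app and the Mandatly settings."""
    problems = []
    issuer = cfg["authority"].rstrip("/")
    if urlsplit(issuer).scheme != "https":
        problems.append("Authority must be an https URL")
    if cfg["login_url"] != issuer + "/oauth2/v1/authorize":
        problems.append("Login URL is not <Authority>/oauth2/v1/authorize")
    if redirect_uri(cfg) not in cfg["okta_redirect_urls"]:
        problems.append("Sign-in redirect URLs lack " + redirect_uri(cfg))
    needed = REQUIRED_OKTA_OPTION.get(cfg["response_type"])
    if needed is None:
        problems.append("Response Type must be code, id_token or token")
    elif needed not in cfg["okta_grant_options"]:
        problems.append(f"Response Type {cfg['response_type']} needs {needed} in Okta")
    return problems

def build_authorize_url(cfg):
    """Build a standard OIDC authorization request once the settings agree."""
    problems = check_settings(cfg)
    if problems:
        raise ValueError("; ".join(problems))
    params = {
        "client_id": cfg["client_id"], "response_type": cfg["response_type"],
        "scope": "openid", "redirect_uri": redirect_uri(cfg),  # scope is assumed
        "state": secrets.token_urlsafe(16),  # ties the response to this session
        "nonce": secrets.token_urlsafe(16),  # ties the ID token to this request
    }
    return cfg["login_url"] + "?" + urlencode(params)

# Constructed sample values: not a real tenant, subdomain or client ID.
SAMPLE = {
    "tenancy": "exampletenant", "client_id": "0oaEXAMPLECLIENTID", "response_type": "code",
    "authority": "https://example-org.okta.com", "okta_grant_options": {"authorization_code"},
    "login_url": "https://example-org.okta.com/oauth2/v1/authorize",
    "okta_redirect_urls": ["https://exampletenant.mandatlyonline.com/account/login"],
}
```

The Client Secret is deliberately absent: it is not part of the browser-facing authorization request and should stay in the Mandatly External Login Settings only.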