Spyglass customers may configure a default Identity Provider to enable Single Sign-On (SSO). This page details how to configure Okta as your primary Identity Provider.

Supported Features

• Service Provider (SP)-Initiated Authentication (SSO) Flow - This authentication flow occurs when the user attempts to log in to the application from the Spyglass application.

• Just-In-Time (JIT) User Provisioning - Users are created in Spyglass on the fly when they authenticate, and don't need to be created in advance.

• Identity Provicer (IdP)-Initiated Authentication (SSO) Flow - We recommend using Okta's bookmark app approach to create an icon on user's launchers, map it to your unique login URL and add our logo.

Requirements

In order to proceed with configuring login with SSO through Okta, you must:

• Have access to an Okta tenant.

• Be an Okta administrator to that tenant.

• Be an existing Spyglass customer. If you are not a Spyglass customer, please contact freetrial@spyglass.software.

Configuration Steps

At the moment, setup requires contacting Spyglass directly:

1. Add the Spyglass Okta Integration to your Okta organization.

2. Email support@spyglass.software with the subject "SSO Setup"

3. Include your Client ID, Client Secret, and Issuer URL.

4. Your account will be set up ASAP.

SP-initiated SSO

1. Go to the URL provided by your Spyglass administrator, it should look like: "https://app.spyglass.software/login/sso/<your-company-id>"

2. Click the button that says “Sign in with Okta”.

3. If you are prompted for your Okta username and password, enter them.

4. If the credentials in 3 above are valid, you will be redirected to Spyglass and will be logged into Spyglass's dashboard.

Notes

If you encounter any issues or have any questions, please do not hesitate to reach out to support@spyglass.software.