Single Sign-on functionality in TeamDesk is available in Enterprise editions running either on TeamDesk subdomains or custom domain names. In this guide we’ll be referring to our test subdomain, enteprise.teamdesk.net. While setting up, please substitute enterprise.teamdesk.net with your own domain/subdomain name.
Ready to go?
Setup single sign-on in TeamDesk
First, in TeamDesk navigate to My Domain | All Users | Single Sign-on, switch to Test Mode and click Update button. New section, Service Provider will appear. Save Public Key as file.
Keep service provider settings on display, we’ll need this information later.
Setup single sign-on in Okta
In Okta, navigate to Admin Console, select Applications from the side bar. Then click Create App Integration, select SAML 2.0 and click Next.
On General Settings tab name the app, say, TeamDesk SSO, add a logo, click Next.
Then, copy the information from TeamDesk’s Service Provider section to the fields on Configure SAML tab.
- Copy Login URL to Single sign on URL field.
- Copy Entity ID to Audience URI.
- Set Name ID format to EmailAddress.
- Set Application Username to Email.
Now, click Show Advanced Settings. For the most part Okta-provided defaults are well balanced. We would only recommend to enable and configure Single Logout.
- Check Enable Single Logout.
- Copy Logout URL into Single Logout URL.
- Copy Entity ID into SP Issuer.
- Upload Public Key obtained from TeamDesk into Signature Certificate field.
Complete questionnaire on Feedback tab and click Finish. You’ll be forwarded to Sign On tab.
Click View Setup Instructions, scroll all the way down to Provide the following IDP metadata to your SP provider, select the content of the text box (it’s resizable by the way), copy and paste into TeamDesk’s Identity Provider’s Metadata XML text box. Click Update button.
There is one more thing to do.
Switch back to Okta. Navigate to Assignments tab and add your user account as well as other users to the application.
You are ready to go!