Okta is a Single sign-on (SSO) user authentication tool that enables users to securely access multiple applications and services using just one set of credentials. If your company has added Okta to their ModernLoop plan, you can manage login access to ModernLoop and maintain consistent security across your organization through Okta.
This help centre article outlines the prerequisites, supported features, and steps to enable SAML and SCIM with ModernLoop's Okta Integration. By following this guide, you will be able to smoothly implement the integration and leverage its capabilities for seamless user management.
View our integration on Okta here: https://www.okta.com/integrations/modernloop/
In this article
- Supported Features: SAML
- Supported Features: SCIM
- Enabling SAML
- Enabling SCIM
- Managing ModernLoop User Role
Single sign-on, including Okta is an optional, paid add-on service.
If you are not currently using Okta with ModernLoop but want to explore it further, contact your Account Executive or Customer Success Manager for additional information.
Supported Features: SAML
The Okta/ModernLoop SAML integration offers the following functionalities:
- Service Provider (SP)-initiated Single Sign-On (SSO)
- Just In Time (JIT) Provisioning
- Identity Provider (iDp)-initiated SSO
Supported Features: SCIM
With the Okta/ModernLoop SCIM integration, you can:
- Create users
- Update user attributes
- Deactivate users
Please note that Okta cannot update user attributes for Admin users due to an API limitation.
Your Customer Success Manager will email you your Customer ID and a list of existing ModernLoop users. Once you have received this information from your CSM, please proceed to completing the steps outlined below.
- Search for ModernLoop in the App Integration Catalog within Okta and select ModernLoop
- Click Add
Configure application settings
Sign On tab
- From the Sign-on tab, click Edit
- Scroll down and under Advanced Sign-on Settings, enter the Customer ID provided to you by your CSM
- Click Save
- Select Copy under the Metadata URL
- Provide this URL to your Customer Success Manager
Users of ModernLoop must be provisioned in the Assignments tab. Your CSM will provide you with a list of current ModernLoop users to be provisioned. Please refer to Okta's best practices for provisioning and deprovisioning users:
ModernLoop supports user provisioning and deactivation. Following SAML attributes are supported.
- Navigate to the Provisioning tab
- Select Configure API Integration
- Enter the API Token in the API Token field and select Test API Credentials
- Click Save
Your ModernLoop Customer Success Manager should have provided you with a SCIM API Token specific to your organisation. To finalise the setup, navigate to the Provisioning tab, enter the token into the designated input field, test the connector configuration, and save your changes. This process will enable user provisioning on ModernLoop via Okta.
Managing ModernLoop User Roles
ModernLoop offers two user access roles: Admin and Scheduler. The Admin role grants comprehensive administrative access to your ModernLoop organisation, while the Scheduler role provides more limited access. You can select the user role while assigning the user to Modernloop app in Okta.
Note: if no user role is specified, the default role will be set to Scheduler.
If you encounter issues while using ModernLoop's Okta Integration, consider the following solutions:
- SAML not working: Ensure that you have entered the correct Customer ID and provided the necessary configuration details to your ModernLoop account executive.
- SCIM not working: Verify that you have added the SCIM API Token supplied by the account executive.
For additional assistance, please contact ModernLoop support at firstname.lastname@example.org.
Q: Does ModernLoop support IDP initiated login?
A: ModernLoop does support IDP initiated login.
Q: Can I log in with Google SSO if my company is using Okta?
A: Once Okta has been implemented for your organization, all users must log in using Okta.