Configuring SAML, Single Sign On (SSO), Okta, or Azure

Another Textline security feature that Admins can configure is using Security Assertion Markup Language (SAML) so their Agents can log into Textline using their external identity provider, commonly called Single Sign On (SSO).  This can come in the form of a self-hosted identity manager or through the services of providers like Okta and Azure.  This is a feature that is available to those on the PRO plan only.  Continue reading below for step by step instructions on integration your identity provider with Textline's SAML feature.

Image_2020-07-09_at_4.58.23_PM.png

Okta

  1. Login to your Okta instance and navigate to the Applications tab, then click the “Add Application” button.
  2. Search for Textline and select it when prompted.
  3. Next to Textline SAML, Click Add.
  4. This will take you to the General Settings page, click Done.
  5. Click the Sign On tab.
  6. Click the Update Now button which should appear within the Credentials Details section within the Settings box.
  7. If your Okta username format uses something other than email address, click the Edit button for the Settings box. Otherwise skip to step 9.
  8. You will need to change Application username format to Email and click the Save button.
  9. Now, click the “View Setup Instructions” button within the Settings box.
  10. Scroll down and find the following values for your organization and copy them to insert into Textline in step 12.
    • Login URL/SignOn URL
    • IDP Issuer/EntityID
    • X509 Certificate
  11. Now open up Textline and head to Settings -> Security -> SAML.
  12. You will now see a screen to enter in the values you copied in Step 10:
    • SSO Target URL: Login URL/SignOn URL
    • SAML Issuer: IDP Issuer/EntityID
    • Certificate: X509 Certificate
  13. Click Save.
  14. You are now setup and can login to Textline from your Okta portal.

Azure

  1. In the Azure portal, on the Textline application integration page, find the Manage section and select Single Sign-On.
  2. On the Select A Single Sign-On Method page, select SAML.
  3. On the Set Up Single Sign-On with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.
  4. On the Basic SAML Configuration section, the application is pre-configured and the necessary URLs are already pre-populated with Azure. The user needs to save the configuration by clicking the Save button.
  5. On the Set Up Single Sign-On with SAML page, in the SAML Signing Certificate section, find your Certificate (Base64) and select Download to download the certificate and save it on your computer to enter into Textline in Step 8.
  6. On the Set Up Textline section, copy the Login URL and the Azure AD Identifier to be entered into Textline in Step 8.
  7. Now open up Textline and head to Settings -> Security -> SAML.
  8. You will now see a screen to enter in the values you copied in Steps 5 and 6:
    • SSO Target URL: Login URL copied in Step 6
    • SAML Issuer: Azure AD Identifier copied in Step 6
    • Certificate: Certificate (Base64) downloaded in Step 5
  9. Click Save.
  10. You are now setup and can login to Textline from your Azure.

Custom SAML

  1. Set up your identity provider.  Make sure that the username you pass is in the form of an email address.
  2. Sign in to Textline and head to Settings -> Security -> SAML.
  3. Fill the values as provided by your Identity Provider:
    • SSO Target URL: The Identity Provider's Single Sign-On URL
    • SAML Issuer: Usually the Identity Provider issuer.
    • Certificate: Base64 certificate provided by your Identity Provider.