Okta SSO

Setup Okta SSO for Liquid & Grit

In this guide, we'll show you how to setup Okta SSO for the Liquid & Grit application. You can use Okta and OpenID to sign in to Liquid & Grit, conveniently managing your organization's users in one place.

Prerequisites

- A Liquid and Grit account
- Admin access to Okta

Supported Features

- Identity Provider initiated Single Sign On - when logging in from Okta
- Service Provider initiated Single Sign On - when logging in from Liquid and Grit (Users can login via https://my.liquidandgrit.com/okta?login=YourTenantID - replace YourTenantID with the Tenant ID you receive in step 1 below)
- Users will be automatically created in Liquid and Grit when Single Sign On is initiated

Step 1: Request an Okta Tenant ID

The first step for enabling SSO with Okta is to request a unique Okta Tenant ID from our support team. Contact us to request a unique tenant ID. This will be needed to complete the setup.

Step 2: Add the Liquid & Grit integration to your Okta account

  1. Log into Okta. Make sure that you are an administor on the Okta account.
  2. Go to Applications > Applications.
  3. Select Browse App Catalog.
  4. Search for "Liquid & Grit" in the search bar.
  5. Select + Add Integration.
  6. Click Done.

 

Step 3: Enter your unique Tenant ID

  1. Go to Applications > Applications.
  2. Navigate to the Sign On tab.
  3. Under Advanced Sign-on Settings, enter your unique Tenant ID that you received during Step 1 to the TenantID fields.
  4. Click Save.

 

Step 4: Assign users

You can now create groups and assign users to the Liquid & Grit appliation inside Okta.

Step 5: Send details to our support team

You will need to send us the following details:

  • Okta Domain Name (find this in your browser URL bar)
  • Client ID (find this under the Sign On tab in the Liquid & Grit application)
  • Client Secret (find this under the Sign On tab in the Liquid & Grit application)

Once we have the details, we will update our sytem and we will communicate to you once Okta SSO has been enabled on your account.