SSO via Okta

Overview

General SSO configuration for the Infinipoint console can be found here.

Configuration

Configure SSO to the Infinipoint Console via Okta using the Infinipoint application from the Okta integration network.
In this configuration, users login to the Infinipoint console which then sends an authorization request to Okta.

At the Okta admin console, navigate to Applications > Applications and click the Browse App Catalog button.
Search for the Infinipoint App, select it, and click Add Integration.
At the Application label enter Infinipoint Console and click Done.
At the new dialog window, click the Sign On tab at the top.
Copy and save to your desktop the Client ID and Client secret.
Click the OpenID Provider Metadata link and copy the issuer URL to your desktop.
Email support@infinipoint.io and provide the following information:
- Issuer: <the URL copied from the OpenID Metadata JSON document>
- Client ID: <the client ID obtained from the sign-on tab>
- Client Secret: <the client secret obtained from the sign-on tab>
- Users list: a list of email addresses and full names of the relevant users you wish to add.

We will use the information provided to configure the SSO for your tenant.

Supported Features

Service Provider (SP)-Initiated Authentication (SSO) Flow

This authentication flow occurs when the user attempts to log in to the application from infinipoint.

Identity Provider (IdP)-Initiated Authentication (SSO) Flow

This authentication flow occurs when the user attempts to log in to infinipoint from Okta.
Note: IdP-Initiated flow is only supported for the Europe environment at this point.

SP-initiated SSO

Depending on your environment, you can login to the console via SP-initiated SSO from the following URLs:

https://console.infinipoint.io/auth/login

https://console.us-1.infinipoint.io/auth/login

Once you type an Okta domain managed email to the email field and click on the next button, you will be redirected to the relevant Okta tenant for authentication: