Organisation and GDPR
Single Sign On (SSO) with Okta
Okta is an authentication service. It's easy to add an Okta Legalesign App to let your people use their Okta credentials to access Legalesign.
Once Okta is set up, simply invite colleagues to your team (and select the option to suppress invitation emails). When they login with Okta they'll go direct to your workspace.
To set up Okta, first contact support and let us know you require an Okta SSO, to make sure you are on right plan.
When you are ready, set up the Okta Legalesign App. This should take about five minutes, or less.
On Okta go to Admin and click on 'Add App'.
Then "Create New App".
Select "OIDC - OpenId Connect" and, from the further menu, "Web Application".
For integration name, add 'Legalesign'. Right click on the image below and press 'save as', then upload it to the Logo setting.
Leave 'Grant Type' as it is - only 'Authorization Code' should be ticked for that section.
For 'Sign in Redirect URIs' add:
https://app1-legalesign.auth.eu-west-2.amazoncognito.com/oauth2/idpresponse
For Sign-out Redirect URIs' add:
https://app1.legalesign.com/auth/logged-out?t=1
Ignore 'Trusted Origin', and set the last section 'Assignments' according to your preferences.
Click 'Save' and your application is created.
The system will redirect you to your Legalesign App admin. Note 'Client ID' and 'Client Secret', we'll need them shortly.
Click to the 'Sign On' section - just below where it says 'Legalesign' at the top.
Scroll to 'OpenId Connect Token'. Press the edit icon, and change the 'Issuer URL' from 'Dynamic' to the second option, which will be a web address. Save it and copy that Issuer URL.
Finally, think of a short name for the integration. This is potentially public and goes into a URL you will use to login, so you may want to slightly obfuscate it but leave it memorable to you.
e.g. if your organisation is Global Exports, your integration name might be 'GE'.
Now send your chosen name and Okta's Issuer URL, Client Id and Client Secret to support@legalesign.com.
That's it. We'll come back to you when your SSO is ready.