Email addresses for users in Okta and on Tuple
After signing in or creating your Okta account you'll need to add a new SAML SSO
application. Click on
Applications in the navigation bar and then the 'Create App Integration' button.
SAML 2.0 as the sign-in method.
Name the app "Tuple" and upload an icon, which you can download here.
Fill in the following fields:
There are three additional attributes that Tuple requires in order to work:
After finishing the install wizard, click
View SAML Setup Instructions on the Sign On tab
This will provide the metadata needed to configure SAML in Tuple:
And attach the downloaded certificate file.
Navigate to the
Settings tab of the team management dashboard. Note: Only Team Owners have access to this page, so you will need to be Team Owner to access this page. If you need to find out who the Team Owner for your team is, view your profile.
Toggle to Enable SAML, and the configuration form will be revealed:
Fill in the values with your metadata:
Press "Save Configuration" to turn on SAML for your team. Once SAML is enabled, any active Tuple sessions will persist, but any new logins will be forced to authenticate using Okta. Log in here to verify that it's working.
Enable System for Cross-domain Identity Management (SCIM) to automatically provision/deprovision user accounts and update profiles in Tuple when updated in Okta.
Your Okta app must be configured at creation time to use SCIM. If you have an existing app you'd like to use SCIM with, please contact Okta Support.
To use SCIM provisioning, send an email to firstname.lastname@example.org. Once approved, you will find your SCIM credentials on your Team Management page in Tuple:
Once you have receive credentials, enable SCIM provisioning in Okta:
In "Provisioning", configure with the following values:
Enable the following features:
Use the credentials you received earlier via your Team Management page.
Once the integration step is successful enable features "To App":