Email addresses for users in Okta and on Tuple
After signing in or creating your Okta account you'll need to add a new SAML SSO
application. Click on
Applications
in the navigation bar and then the 'Create App Integration' button.
Select SAML 2.0
as the sign-in method.
Name the app "Tuple" and upload an icon, which you can download here.
Fill in the following fields:
There are three additional attributes that Tuple requires in order to work:
email
, first_name
, and last_name
.
After finishing the install wizard, click View SAML Setup Instructions
on the Sign On tab
This will provide the metadata needed to configure SAML in Tuple:
And attach the downloaded certificate file.
Navigate to the Settings
tab of the team management dashboard. Note: Only Team Owners have access to this page, so you will need to be Team Owner to access this page. If you need to find out who the Team Owner for your team is, view your profile.
Toggle to Enable SAML, and the configuration form will be revealed:
Fill in the values with your metadata:
Press "Save Configuration" to turn on SAML for your team. Once SAML is enabled, any active Tuple sessions will persist, but any new logins will be forced to authenticate using Okta. Log in here to verify that it's working.
Enable System for Cross-domain Identity Management (SCIM) to automatically provision/deprovision user accounts and update profiles in Tuple when updated in Okta.
Your Okta app must be configured at creation time to use SCIM. If you have an existing app you'd like to use SCIM with, please contact Okta Support.
To use SCIM provisioning, send an email to support@tuple.app.
Once approved, you will find your SCIM credentials on your
Team Management page in Tuple:
Once you have receive credentials, enable SCIM provisioning in Okta:
In "Provisioning", configure with the following values:
Enable the following features:
Use the credentials you received earlier via your Team Management page.
Once the integration step is successful enable features "To App":