<aside>
❗ This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
</aside>
<aside>
⚠️ Read this before you enable SAML
Enabling SAML affects all users who use this application, which means that users won't be able to sign in through their regular sign-in page. They will only be able to access the app through the Okta service.
Backup URL
Tines doesn't provide a backup sign-in URL where users can sign-in using their normal username and password. You can contact Tines Support ([email protected]) to turn off SAML, if necessary.
</aside>
Contents
Supported Features
The Okta/Tines SAML integration currently supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
- In Okta, select the General tab for the Tines SAML app and confirm that your Tenant URL is correctly set. This is simply the URL that you use to access Tines. It should look something like
https://quiet-sun-1234.tines.com (without a trailing / ).
- Select the Sign On tab and under Sign on methods > SAML 2.0 > Metadata details, click on More details. Copy buttons for Sign on URL and Signing Certificate should now be visible - you will use those in a later step.
- Sign in to your Tines tenant, then click on your name / Avatar in the top left hand corner and click on Authentication settings.
- In the Authentication type dropdown, select Single sign on (SSO) via SAML.
- Using the copy buttons from step 3:
- Copy the Sign on URL value from Okta and paste it into the SAML identity provider URL field in Tines
- Copy the Signing Certificate from Okta and paste it into the SAML identity provider public certificate field in Tines.
- Hit Save and you’re done!
Notes
- Only Tines admin users have access to configure authentication settings within Tines.