Overview: Okta is a cloud-based identity and access management solution that enables organizations to manage and secure user identities, enforce access controls, and streamline authentication across internal systems and external applications.
When integrated with Buddy Punch, Okta allows employees to sign in using their existing organizational credentials.
Important! The Okta SSO can only be used with the Buddy Punch website. Additionally, Okta SSO access is only available to users on the Enterprise plan.
Instructions:
Prerequisites
To set up Single Sign-On (SSO) with Okta, a few requirements must be met before we can begin the integration process, which include:
Your company must be on the Buddy Punch Enterprise Plan.
The person requesting SSO setup must be an Administrator on your Buddy Punch account.
Once both prerequisites are confirmed, you can move on to the next section covering how to Initiate SSO Setup in Buddy Punch.
Initiate SSO Setup in Buddy Punch
Once both prerequisites are confirmed as detailed here, you can then reach out to our team to initiate the SSO setup process.
This can either be done by contacting our support team at [email protected] or by using the in-app chat in the bottom right-hand corner of your Buddy Punch Administrator account:
After verification, we’ll provide your organization with our SAML metadata file, which is used to configure the connection between Okta and Buddy Punch.
Important! We only offer IDP-initiated SAML SSO at this time.
In return, we'll need your team to provide the following:
App Federation Metadata URL
Login URL (Optional, if you don't want your employees to be directed to our login page from our emails)
Okta Issuer / Entity ID
Once we have that information, it will take approximately one business day to get SSO enabled on the account.
Enable SSO in Okta
After receiving the Buddy Punch SAML metadata file, you can start the process of configuring Okta as the identity provider for Buddy Punch.
The steps include:
In your Okta Admin Console, add a new SAML 2.0 application.
Upload or paste in the Buddy Punch SAML metadata.
Map and assign users or groups who should have access to Buddy Punch.
Okta provides a detailed step-by-step guide for configuring SAML apps, which you can find in their documentation here.
After our team follows up to confirm the SSO is live, you can proceed with testing the Okta SSO connection to ensure everything is working correctly.