Configure Tenfold to use Okta as an identity provider utilizing SAML

Tenfold SSO Configuration with Okta

To set up SSO using Okta as the Identity Provider for Tenfold, follow these steps:

1. Navigate to Applications in the Okta Admin Console:
   • In the Okta Admin Console, click the Applications tab.
   • Select Applications from the dropdown (or use the Add Applications shortcut on the Dashboard tab).
2. Create a New SAML Application:
   • In the App Store, click Create App Integration.
   • Choose Platform as Web and Sign on Method as SAML 2.0. Then, click Next.
3. Configure SAML Application Details:
   • Set the App Name to something descriptive (e.g., Tenfold along with your company name).
   • Optionally, upload a logo for the app to help users easily identify it as Tenfold.
   • Adjust App Visibility settings as needed. These settings are optional but can help users know they’re using the correct app.
4. Set SAML Configuration (Step 2):
   • For the Single sign-on URL, enter: https://dashboard.tenfold.com/corporate-login/callback.
   • Select the "Use this SSO URL for Recipient and Destination URL" checkbox.
   • For Audience URI (SP Entity ID), enter: sso.tenfold.com.
   • Set Name ID Format to EmailAddress.
   • Set Application username to Okta username.
   • Choose Update application username on: Create and update.
   • Add the following Attribute Statements:
     • firstName → user.firstName
     • lastName → user.lastName Note: While these attribute statements are optional, they ensure user profiles in Tenfold match their Okta profiles. Failure to configure attributes such as Email, firstName, and lastName may result in profile inconsistencies.
5. Complete SAML Configuration (Step 3):
   • In Step 3, select I'm an Okta customer adding an internal app.
   • Provide feedback to Okta if you choose, and then click Finish.
6. Download Sign-On Metadata:
   • After completing the configuration, download the sign-on metadata for use with Tenfold.
   • If clicking the metadata link opens a webpage instead of downloading an XML file, save the webpage as an XML file (this is normal behavior).
7. Assign Users to the Application:
   • Navigate to the Assignments tab for the Tenfold application.
   • Click the Assign dropdown and choose to Assign to People or Assign to Groups, based on your organization's preference.
   • In the popup, assign the relevant users or groups to the application, then click Done.
8. Configure App Settings:
   • In the General tab of the Tenfold app, configure settings for user experience:
     • Enable Auto-launch to automatically log in to Tenfold from the Okta dashboard without additional clicks.
     • Enable or configure Two-Factor Authentication (2FA) settings as necessary.
   • Click Save after making any changes.
9. Enable SSO in Tenfold:
   • Log in to the Tenfold dashboard.
   • Navigate to the SSO feature configuration page.
   • Click the red Disabled button in the upper-right corner to enable the feature.
10. Upload Metadata and Configure Domain:
    • Upload the metadata XML file downloaded in Step 6 by clicking the +Upload file button in the Tenfold dashboard.
    • Set the Domain for corporate login (use the organization's domain name for clarity).
    • Click Save.
11. Test Login Flow:
    • Your organization is now ready to use Okta for SSO authentication in Tenfold.
    • Okta Verify will handle multi-factor authentication (MFA). For more information on how Okta manages MFA, click the relevant links provided in the setup.