Single Sign-on is a useful feature to increase security and user adoption of new tools. It means that your employees can auto-login to connected applications using their default company password, which is for instance stored in your LDAP or Active Directory system. While Small Improvements doesn’t integrate with LDAP or AD directly, it does integrate with a middleware called Okta.
- Okta is a web based middleware that connects the cloud applications you use with your internal Active Directory or LDAP servers. Okta has tons of features, but the one you need to enable is the Small Improvements app, so that your SI users can log in via Okta (using SAML 2.0 behind the scenes)
- Once configured, your staff can either access Small Improvements from the Okta dashboard or, if they access Small Improvements via your subdomain (e.g. https://mycompany.small-improvements.com) then we’ll rely on Okta to ask for the password (if they aren’t logged in already)
Important: The Okta integration is only for SSO. We do not automatically synchronize your user accounts between systems. You will have to keep your Small Improvements user accounts in sync with your directory service. If a user doesn’t have an account in SmalI Improvements, then they won’t be able to log in. You can create user accounts manually.
How to set it up in less than 5 minutes
First, log in into Okta as an administrator. Locate the “add application” entry, and search for Small Improvements in the Application Directory.
Next, type in your Small Improvements subdomain. If you’re using https://mycompany.small-improvements.com, then type in “mycompany” here. If you don’t have a Small Improvements subdomain yet, please contact the support team to set this up for you.
Continue with the Okta setup. On the subsequent details screen, select SAML 2.0. Leave the default relay state empty, it does not apply in SI.
The button ‘View Setup Instructions’ will take you to a documentation page that lists all the settings you’ll need to enter into Small Improvements now.
Follow the comprehensive Okta documentation, and then you’ll be done with the basics within minutes.
A user needs to be created in Small Improvements before they can log in. Now add user-accounts to Small Improvements via Administration -> Company Directory or import them from an Excel worksheet.
Adjusting the welcome email
Important: You must adjust some emails to avoid confusion.
- Whenever you invite staff into Small Improvements, they receive an email telling them about Small Improvements. This email also explains how to define their new password. But since they will use Okta’s password instead, that email template needs to get changed.
- Please locate the “Access to Small Improvements: Welcome Mail” email template, and remove any mention passwords setting. You can write that people should use the password defined in your intranet instead.