Using Okta SSO to Log in to Bob! Desk (SAML 2.0)
To set up SSO for Bob! Desk using Okta as the identity provider, go to your Okta interface, navigate to "Applications" → "Applications," and click "Create App Integration" as shown below.
Next, select SAML 2.0, which is the SSO protocol used by Bob! Desk, and click "Next."
Then, enter the details that will allow you to easily find your Bob! Desk integration in your list of integrated applications, for example as shown below, and click "Next."
On the next screen, enter the following connection information precisely:
| Single sign-on URL | https://general-api.bob-desk.com/auth/v1/sso/saml/acs |
|---|---|
| Audience URI (SP Entity ID) | https://general-api.bob-desk.com/auth/v1/sso/saml/metadata |
| Default RelayState | https://www.bob-desk.com |
| Name ID format | EmailAddress |
| Application username | |
| Update application username on | Create and update |
Also, be sure to check the box "Use this for Recipient URL and Destination URL." After entering all this information, your screen should look like the following capture:
Next, scroll down the page to proceed with mapping the connection information as follows:
Click "Add another" to create four fields, and fill them in exactly like this:
| Name | Name format | Value |
|---|---|---|
| first_name | Basic | user.firstName |
| last_name | Basic | user.lastName |
| user_name | Basic | user.login |
| Basic | user.email |
Your screen should eventually look like this capture.
Then click "Next" at the bottom of the page.
On the next page, select "Contact app vendor: It’s required to contact the vendor to enable SAML," as shown in the following capture, and click "Finish":
Finally, the SAML certificates screen will be displayed. Find the SHA-2 type certificate line and click "View IdP metadata."
A new tab will open containing XML-formatted information. The page link should resemble the following link:
https://[user].okta.com/app/[app]/sso/saml/metadata
Copy this https link from your browser’s address bar and send it to the Bob! Desk team to finalize your SSO onboarding at the following address:
tech@bob-desk.fr (click for a pre-filled email)
Please provide us with this link (metadata_url) and the domain(s) that should have access to Bob! Desk via SSO. The domain is the suffix of the email addresses that will need to log in to Bob! Desk, which is the part that follows the "@" as shown below (in green the domain):
If there are multiple domains in the email addresses that will need access to Bob! Desk, please specify all of them in the email.
All that remains is to wait for a response from our technical team, who will do their best to finalize your onboarding process as quickly as possible.