Configuring Single-Sign On With OKTA

ActivityInfo associates email domains with identity providers. Any user with a given email domain will be required to authenticate through that identity provider.

If your organization uses Okta for identity management, then you can associate your organization’s emial domain (for example, “@myorganization.org”) with your Okta tenant.

Prerequisites

You must have at least one registered ActivityInfo account with the given email domain.

You do not need to be a customer. Your organization may report to an ActivityInfo database hosted on activityinfo.org, for example, such as a Refugee Response Plan database, and configuring SSO for your users improves the security of the platform for all parties involved.

Supported features

ActivityInfo supports Service Provider (SP) initiated Single Sign-On (SSO) through the Open ID Connect (OIDC) protocol. This authentication flow occurs when the user attempts to login from ActivityInfo.

Configuration Steps

Adding ActivityInfo to your Okta Tenant

Log into the Okta Admin Console, and navigate to the Applications sections. Click Browse App Catalog.

In the next page, enter “ActivityInfo” in the Search bar:

Then click on the “Add Integration”

In the next screne, you can customize the name of the application as it will appear in the Okta dashboard, otherwise, you can just click “Done”.

ActivityInfo has now been added to Okta. However, you must share the Client ID and Secret with ActivityInfo in order to complete the integration.

Integrating with ActivityInfo.org

Navigate to the “Sign On” Tab.

From the OpenID Connect section, copy and paste the Client ID and Client Secret and send to support@activityinfo.org.

Our team will update ActivityInfo.org to complete the integration.

Configure assignments

We recommend allowing everyone in your organization to access ActivityInfo. This ensures that your organization’s ActivityInfo administrator can control access to ActivityInfo databases from within ActivityInfo.

Navigate to the Assignments section.

Click “Assign to Groups” then click click “Everyone”

SP-initiated Single Sign-On (SSO)

From your browser, navigate to https://www.activityinfo.org/login

Enter you email address, then click Continue.

You will be redirected to your Okta sign in page.

If you successfully enter your Okta credentials, you will be directed back to the ActivityInfo database list page.

Next item
Migrating existing users to SSO