CallPlease Enterprise users have a number of options for configuration Single-Sign-On for authenticating into CallPlease. Each option has a few quirks to it that are worth listing.
Okta is one of the the leading Identity Providers (IdP) so they were high on our list of solutions to support. A few points to consider in planning for a CallPlease/Okta implementation:
- CallPlease supports both SAML and OpenID/OAuth Okta implementations and has active installations of each
- CallPlease is listed on the Okta Integration Network (https://www.okta.com/resources/find-your-apps/?keywords=Callplease )
- Once you add CallPlease to your Okta configuration, we still need to configure the requests on our end. As a matter of security, we don’t leave these API conversations open or self-configurable.
- Once you request access over SSO, we will connect you with a CallPlease technical resource who can finish the configuration. The person will ask for:
- IdP Assertion URL (aka SSO URL as described below), signed not encrypted
- base64 Signing Certificate
Okta has an excellent overview document [ https://support.okta.com/help/s/article/Beginner-s-Guide-to-SAML] that includes the following entirely accurate description of our requirements:
You will also need to provide the vendor/developer with the following information from the Okta application (accessed via the View Setup Instructions button in the application’s Sign On tab):
- The Identity Provider Single Sign-On URL. The SP may refer to this as the “SSO URL” or “SAML Endpoint.” It’s the only actual URL Okta provides when configuring a SAML application, so it’s safe to say that any field on the Service Provider side that is expecting a URL will need this entered into it.
- The Identity Provider Issuer. This is often referred to as the Entity ID or simply “Issuer.” The assertion will contain this information, and the SP will use it as verification.
- The x.509 Certificate. Some service providers allow you to upload this as file, whereas others require you paste it as text into a field.
Begin the process by contacting your Enterprise Point of Contact or by sending a request to CallPlease Support by clicking here.