Connecting Okta to Venn for Identity and User Management

In order to enable seamless user and permissions management in Venn, Venn offers integrations with third-party Identity Providers (IdPs), including Okta.

If you configure Okta as your Venn Identity Management solution, you will set up SAML-based Identity Management so that users' Venn login information will be managed through Okta. Okta also offers the option to set up SCIM provisioning, which allows you to manage user access to Venn in Okta. You may or may not choose to set up SCIM provisioning depending on your company’s Okta subscription type.

Learn how to manage Venn user access with Okta as your IdP.

Set up Okta as Your IdP

You must have Admin access to Okta in order to set it up as your Venn IdP.

If you already have Identity Management configured in Venn, changing your identity provider will result in all users being locked out of Venn, including Company Managers. For that reason, changes should only be made in collaboration with the Venn team or a Venn partner.

To set up Okta AD as your IDP: 

  1. The Venn team or a Venn partner will change your Identity Provider to Okta under Connected Apps > Identity Management in Company Admin.
  2. Login to Okta with an account that has administrator permissions.
  3. In the menu at left, click Applications and select Applications.

    Picture1.png

  4. Click Create App Integration.

    Picture2.png

  5. Select SAML 2.0 as the sign-in method and click Next.

    Picture3.png

  6. On the next page, enter “Venn” in the App name field, upload the file found here in the App logo (optional) field and click Next.

    Picture5.png

  7. Input the following in the Single sign on URL and the Audience URL (SP Entity ID) fields: https://[company shortname].venn.com/sso/okta (replace [company shortname] with your company's shortname in Venn, which is the abbreviation for your company that you see in the URL bar before .venn.com when you have the Workplace web app open). Then, click Continue.

    Picture8.png

  8. Select I’m a software vendor. I’d like to integrate my app with Okta and click Finish. You can safely disregard the button to Submit your app for review.

    Picture9.png

Once these steps are complete, Okta is set as your Venn Identity Management solution.

Set up SCIM Provisioning

  1. In Okta, go to the General tab for the Venn application that you created.
  2. Click Edit under App Settings, select Enable SCIM provisioning, and then click Save. This will add a Provisioning tab for the Okta application.
  3. Your Venn team will do the following in Venn Company Admin to generate a token that you need to set up SCIM provisioning:
    1. Navigate to All websites section and click Add websites.

      Google Workspace_Add Website.png

    2. Search for and select “Okta” and click Identity Provider.

      Okta_Add IdP.jpg

    3. Click Okta in the websites list and click Edit Identity Provider.

      Okta_Edit Provider.jpg

    4. Click Generate token and copy it.

      Okta_Generate Token.jpg

  4. In Okta, navigate to the Provisioning tab for the Venn application.

    Picture10.png

  5. Click Edit under SCIM Connection. Configure with the information below:
    • SCIM connector base URL: https://login.venn.com/scim
    • Unique identifier field for users: userName
    • Check the box to enable Push new users
    • Check the box to enable Push Profile Updates
    • Authentication Mode: HTTP Header
    • Authorization: Paste the token from the Venn team

      Picture11.png

  6. Click Test Connector Configuration

    Picture12.png

  7. Click Save.
  8. Navigate to the Provisioning tab. Keep the following attributes mapped on the Provisioning tab. Remove all other Attributes from the mapping.
    userName Configured in Sign On settings
    givenName user.firstName
    familyName user.lastName
    middleName user.middleName
    email user.email
    emailType (user.email != null && user.email != '') ? 'work' : ''
    primaryPhone user.primaryPhone
    primaryPhoneType (user.primaryPhone != null && user.primaryPhone != '') ? 'work' : ''
  9. Click Edit.
  10. In the Provisioning to App section, check the boxes to enable Create Users, Update User Attributes, and Deactivate Users and then click Save.

    Picture14.png

  11. Navigate to the Sign On tab.
  12. Click View Setup Instructions.

    Picture15.png

  13. Copy all IdP metadata and share with your Venn team. They will add that information to the Okta Identity Provider settings in Venn's Company Admin:
    1. Navigate to All websites. Click Okta in the websites list and click Edit Identity Provider.

      Okta_Edit Provider.jpg

    2. Upload the metadata from Okta in the IdP metadata field and click Save.

      Okta_Add metadata.jpg

Manage User Access to Venn when Okta is Your IdP

Follow the steps in this article to manage user access to Venn once you have set up Okta as your IdP.

Was this article helpful?