Reftab can be found in the OKTA App Integration Catalog.
Log into your OKTA account as an administrator.
Click โApplicationsโ > โBrowse App Catalogโ
Next, search โReftabโ
Next, click โAddโ
Next, see configure settings as below:
Single sign on URL: https://www.reftab.com/api/sso
Audiance URI: https://www.reftab.com/
Name ID format: EmailAddress
Application username: Email
Attribute Statements
The options below are optional if you added Reftab via OKTAโs App Catalog. If you are manually adding Reftab as an application, you will need to send at least an attribute that identifies a userโs email.
Attributes are ideal to use in scenarios where just-in-time provisioning is used, or multi tenancy. These attributes can be sent from OKTA that further describe who a user is. Reftab can take that additional information and provision the user into a pre-made Reftab access role or tenant.
Next, click โNextโ.
Next, Fill out the Feedback step, as seen in the below image:
Click, โFinishโ.
Next, you will be taken to the applications settings page, click the button to โView SAML Setup Instructionsโ
Next, copy and paste the settings that are displayed in your screen into Reftab.
Log into Reftab, click โSettingsโ > โSAML Settingsโ > โAdd New Domainโ
Domain: the part after @ in your companyโs email address. (this is what triggers the single sign on button on Reftabโs login page).
IDP Entity ID: copy and paste from the Identity Provider Issuer as seen in above screenshot.
URI Endpoint: Copy and paste from the Identity Provider Single Sign-On URL as seen in above screenshot.
Email Attribute: leave as email
Certificate: Copy and paste from the X.509 Certificate as seen in above screenshot.
Click โSave SAML Settingsโ
Next, you will need to verify ownership of your domain before you can begin using SSO with Reftab. This is an important security step. This checks that your domain belongs to you and not anyone else trying to claim it as theirs. Follow this guide to verify your domain: https://www.reftab.com/blog/faq/domain-verification-for-saml/index.html
Once domain verification is complete. OKTA is ready to accept authentication requests from Reftab. To test this, in Reftab click โSub Accountsโ > โAdd Sub Accountโ.
Add an account that you know is in your OKTA environment. Then, test logging into Reftab from our login page: https://www.reftab.com/login
Suggested Next Steps
Enhance your asset management by integrating Reftab with Okta for seamless SaaS discovery and utilization tracking. This setup builds on your current infrastructure, automating the management of both hardware and software assets. Click here to get started.
For additional help, please email help@reftab.com