Okta SSO Integration

Okta is an identity and access management service provider. Testim integrates with Okta, allowing users of Okta to authenticate once in Okta and then access Testim without authenticating again.

📘

SSO is a premium feature. Make sure the SSO feature is enabled for your deployment. If it is not, contact your Testim CSM.

To setup the Testim Okta integration:

1. Login to the Okta Admin account.
2. Go to Applications > Applications.
3. Click Create App Integration.

4. Select the 'SAML 2.0 option.

5. Click Next.
   The General Settings screen is displayed.

6. In the App Name field, enter a name for the connector app, such as 'Testim SSO'..
7. Click Browse to select the Testim logo and then Upload Logo to upload it (optional).
8. You can optionally add a description that will help your users know more about Testim.
9. Click Next.
   The Configure SAML screen is displayed. At this point the connector has been created. Now you need to connect it to Testim.
10. In another tab open Testim Automate, and click the user icon, located in the top-right corner.

11. In the drop-down menu, click Settings and click the SSO tab.
12. Under Testim Service Provider Details, under Assertion Consumer Service URL, click the Copy button.

13. Go back to the tab where you have Okta open and paste the copied Assertion Consumer Service URL into the Single sign on URL field.

14. Go back to the Testim Automate tab and copy the SERVICE PROVIDER ENTITY ID/AUDIENCE code.
15. In the Okta tab, paste this code into the Audience URI (SP Entity ID) field.
16. Still in Okta, in the Name ID format field, select EmailAddress.
17. In the Application username field, select Email.
18. Under the the Name field, enter email.
19. Under Value , select user.email. This maps the email field in Testim to the user.email field in Okta.

20. Click Add Another.
21. Repeat steps 20 – 22 for the following field combinations:

• firstName (mapped to user.firstName)
• lastName (mapped to user.lastName)
• profilePicture is not mapped – this is optional.

22. Click Next.
23. Complete the feedback and click Finish.
24. In the newly created application's page, scroll down to SAML Signing Certificates section.
25. Click on Actions > View IdP metadata.

26. Right-click and choose "Save As".
27. Go back to the Testim tab, click the Upload File button and select the metadata.xml file that you have just saved.

28. In the same screen, enable the Enable SSO toggle.

29. To ensure all users are only able to login through Okta, and not through the regular Testim login page, select the Force users to login via idP checkbox.

30. Go back to the Okta tab and associate the newly created Testim SSO connector application to the relevant Users, Groups, or Roles. In this example we will show how to add a User, but the same applies to Groups and Roles.
31. Navigate to Applications > Applications. The new Testim SSO connector will be displayed.

32. Click the Settings () drop-down and select Assign to Users.
33. Assign it to the relevant user(s).
    The newly created app is created and will appear in the Okta portal of the specified users/groups/roles. From now these user(s) will be able to login to Testim from Okta SSO.