Okta

How to Configure SAML 2.0 for Honey.is


Read this before you enable SAML

Enabling SAML will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service

Backup URL

Honey does not provide backup log-in URL where users can sign-in using their normal username and password. You can call Honey support to turn off SAML, if necessary.

Contents

Supported Features

The Okta/Honey SAML integration currently supports the following features:

Configuration Steps

  1. Sign into Honey as an administrator.

  2. Navigate to Account > Admin > SINGLE SIGN-ON, then do the following:

    • Save your Company ID value from the Assertion Consumer URL:

      For example, if your Assertion Consumer URL is: https://honey.is/org/1234/saml/finalize

      Then your Company ID is 1234.

    • Remote login URL: Copy and paste the following:

      Sign into the Okta Admin dashboard to generate this value.

    • Issuer URL (Optional): Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Identity Provider Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Enable Single Sign-On: Enable this.

    • Click SAVE SETTINGS:

    honey_new1.png

  3. In Okta, select the General tab for the Honey.is app then click Edit

    • Enter your Company ID (step 2), in to the corresponding field.

    • Click Save:

    honey_new2.png

  4. Done!

Notes

The following SAML attributes are supported.

Okta sends the following default attributes as part of the SAML assertion:

In addition to the default attributes, Okta supports the following custom attributes:


Here is an example describing how to add and use the additional Department attribute:

  1. In Okta, navigate to Directory > Profile Editor.

  2. Search for the Honey app, then click Profile:

    honey_new3.png

  3. Click Add Attribute, then enter the following:

    • Display Name: Enter a preferred attribute name. In our example, we used Department.

    • Variable Name: Enter department.

      Important: In our example we are adding the department attribute. You must use the following variable names (case-sensitive) for the custom attributes: jobTitle, department, location, phoneNumber.

    • Click either Add Attribute or Save and Add Another.

      Note: Scope (optional): If you check User personal, the current attribute will be available once you assign the user to the Honey application and will not be available once you assign the group to the app.

    honey_new4.png

  4. Click Map Attributes:

    honey_new5.png

  5. Select the Okta to Honey tab.

  6. Start typing the required attribute from the Okta Base User profile (or use the dropdown list) and select the attributes you want to map.

    Note: In our example, we have selected the Department attribute, and then use the green arrows (Apply mapping on user create and update).

  7. Click Save Mappings:

    honey_new6.png

  8. Click Apply updates now:

    honey_new7.png

  9. Okta will now pass the Department attribute with the value of the Department field from the Okta Base User Profile.


SP-initiated SSO

  1. Go to: https://honey.is/signin.

  2. Enter your email address.

  3. Click NEXT:

    4. honey_new8.png