The Okta/Sage Intacct SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Log in to Sage Intacct as an administrator.
Navigate to Applications > Company > Company configuration:
Select the Security tab, then click Edit:
Scroll down to the Single sign-on (SSO) section, then follow the steps below:
Check Enable single sign on.
Identity Provider type: Select SAML 2.0.
Issuer URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Login URL: Copy and paste the following:
Sign into the Okta Admin dashboard to generate this value.
Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Click Save:
To enable SSO for a user, navigate to Company > Admin > Users:
Click Edit for the required user:
Select the Single sign on tab, then follow the steps below:
Check Enable single sign-on for this user.
Federated SSO user id: Enter the required value.
Click Save:
Note: If you are going to use a value equal to the email address – you need to select Email for the Federated SSO user id dropdown list in the application settings in Okta. If you are using the email prefix for the Federated SSO user id – select Username for the dropdown list value.
Make sure that you entered the correct value in the Your Intacct Company Id field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Sage Intacct.
Make sure that you selected the correct value in the Federated SSO user id dropdown list under the Sign On tab in Okta.
The following SAML attributes are supported:
Name | Value |
---|---|
name | user.userName |
Company Name | Comes from Your Intacct Company Id field |
Click Use single sign-on:
Enter your Company ID and User ID, then click Sign In: