Single sign-on (SSO) allows your users to access your Formulayt account via a central SSO platform where you manage your users.


Formulayt supports SSO via SAML. This includes support for Okta, as well as other platforms that provide SAML authentication.


The process to activate this integration is as follows:


  1. Configure your SAML platform to allow access to Formulayt using the information we provide
  2. Provide the required details back to Formulayt from your SAML platform
  3. Formulayt will activate SAML support on your account from our end
  4. When all of the above is done, your SSO users can access Formulayt via your SAML platform


Configuring your SAML platform


The exact steps for completing this step vary between SAML providers. You should consult the documentation for your specific SAML provider as Formulayt is unable to provide customised steps for each platform (except Okta, which we have detailed below). However, you will need the following information from Formulayt to complete this step (you should request this information by raising a support ticket):


SAML version: 2.0

App name: Formulayt

Single sign-on URL: Request this from your Formulayt account manager

Audience URI (SP Entity ID): Request this from your Formulayt account manager 

Name ID format: EmailAddress


Add the following attribute statements:


Name

Value

first_name

user.firstName

last_name

user.lastName

email

user.email

gcdc_secret

Request this from your Formulayt account manager 


Note that you must never share the value of the gcdc_secret attribute with anybody else.


Provide the required details to your Formulayt account manager


You will need to provide the following details from your SAML platform on a support ticket in order for us to activate the integration from our side:


  • Identity Provider Single Sign-On URL
  • Identity Provider Issuer
  • X.509 Certificate


Additionally, you should state if you want either of the following options to be enabled:


  •  Allow provisioning of new users - we will create new user accounts in Formulayt for users logging in over SSO who have not used Formulayt before
  • Allow SSO users to also sign in using a password - your users can also set and use a password to log into Formulayt


Once this information has been received, we will activate the SAML integration and you can now have your users log into Formulayt using SSO.


Detailed steps for Okta


If you are using Okta as your SSO platform, you can follow these more details steps to set things up.


Integration with Okta requires the creation of a Web app tile within Okta. 


Within OKTA, create a new application by navigating to: Classic UI → Applications → Add Application → Create New App

Specify the following initial settings:

  • Platform: Web

  • Sign on method: SAML 2.0


Specify the following general settings:

  • App name: Formulayt


Specify the following SAML settings:

  • Single sign on URL: [To be provided by Formulayt]

  • Audience URI (SP Entity ID): [To be provided by Formulayt]

  • Name ID format: EmailAddress

  • Application username: Okta username

  • Update application username on : Create and update


Add the following attribute statements as detailed above. The Name format for all statements should be "Unspecified".


You can use the following image as a tile logo: https://drive.google.com/file/d/1RuaWRhLpOOiMzy_Qsjy0rsURykJV0Rvu/view?usp=sharing


Once complete, provide the required details back to Formulayt as detailed above.