Acceptto MFA for Okta

Introduction

Multi-factor authentication (MFA) is an extra layer of security used when logging into websites or apps to authenticate users through more than one required security and validation procedure that only you know or have access to.

Acceptto adds MFA protection to Okta using SAML. Security Assertion Markup Language (SAML) is a protocol for authenticating to web applications. SAML allows federated apps and organizations to communicate and trust one another’s users.

When Okta is used as a service provider it integrates with an identity provider outside of Okta using SAML. Inbound SAML allows users from external identity providers to SSO into Okta. Acceptto, as a SAML identity provider, improves the user login experience for Okta users with convenient MFA.

Initial Steps
  1. Sign up for an Acceptto account here, download the It’sMeTM mobile app and sign in with your account.
  2. Download Acceptto Appliance (Please contact support@acceptto.com for the download link).
  3. Connect the Acceptto Appliance to your user directory.
Configure Okta Identity Providers
  1. Login to Okta with a user with administrative privileges. Select Admin button. Go to Security > Identity Providers.
  2. Select Add Identity provider.
  3. Fill the form as following image and click Update Identity Provider (Download the IdP signature certificate from Acceptto appliance admin panel in the next section).
  4. Expand the arrow, record the information and copy SAML metadata link for the next section.
Configure Acceptto SAML as Identity Provider
  1. Login to Acceptto appliance admin panel with a user with administrative privileges and select Applications.
  2. Click New Application button.
  3. Fill the form with the information you obtained from previous section and click Save.
  4. Note1: “Issuer or EntityID” in the above is the “Audience URI” you obtained from bullet 4 of previous section.

    Note2: Selecting the “Advanced Options” button allows additional optional configuration such as encryption certificates or custom attribute assertions.

  5. Select the Applications control, New/Edit Applications and copy the certificate shown in this page.
Set Acceptto as default Identity Provider
  1. On the Okta admin page, go to Security > Identity Provider and select the gear icon.
  2. Type Acceptto in Default Identity Provider field and select it. Then, select Save.
Test Your Setup

Now when you go to your Okta website, you should get redirected to the Acceptto page for sign in.

After scanning the QR code with your It’sMe mobile application and successful MFA authentication, you will be automatically redirected and logged in to your Okta page.

Support

If you require assistance, please email us at support@acceptto.com

Sales

Want to learn more about our MFA solutions? Contact our Professional Services for a Demo today.

Disclaimer

All product names, trademarks, and registered trademarks are the property of their respective owners.

All company, product and service names used in this document are for identification purposes only. Use of these names, trademarks, and brands does not constitute endorsement by the Acceptto Corporation.

Okta is either registered trademarks or trademarks of Okta, Inc., in the United States and/or other countries.