Configuring Attendee SSO for Okta

This article will walk you through the steps for setting up Attendee Single Sign-on (SSO) for Okta. First, refer to this article to complete the initial steps of setting up SSO.

Once you've completed the necessary steps follow the instructions below to continue SSO configuration for Okta. You can also refer to this guide by Okta

1. Go to your Pigeonhole Live account. Click on your Profile > SSO Configuration.

Screen_Shot_2018-08-06_at_10.24.08_AM.png

2. Click on the Attendees tab and complete the two-step setup.

staging-dashboard.pigeonhole.at_sso_config-attendees_iPad_Pro_.png

3. Configure Attributes on your IdP: Okta 

  1. Open Okta portal and select the SAML application that will be used in Pigeonhole Live.
  2. Under SAML Settings
    1. Under the General, set the 
      1. Name ID format to EmailAddress
      2. Application Username to Email
        Screenshot_from_2019-09-11_15-09-36.png
    2. the Attributes Statements(Optional) add two attributes statements.
      1. name set to user.firstName
      2. emailaddress set to user.email
      3. Click save settings to save the configuration.

Screen_Shot_2019-10-22_at_2.03.31_PM.png

Click save settings to save the configuration. 

4. Fill in the fields with the details you previously obtained from Okta or upload the Metadata provided. 

staging-dashboard.pigeonhole.at_sso_config-attendees_disableManager_1_iPad_Pro___1_.png

5. After you have completed the steps above, return to your Team Workspace.

By default, your Pigeonholes are not configured to require SSO for attendees. To turn on SSO for your attendees, go to Pigeonhole> More settings > Security, and enable SSO for Attendees. Then click Save.


staging-dashboard.pigeonhole.at_p_8954_security_disableManager_1_iPad_Pro_.png

 

When your event attendees enter your Event Passcode or scan your Event QR code, they will be brought to your Okta domain to be authenticated. Only after successful authentication will they be redirected to your Pigeonhole where they can start engaging. 

Screen_Shot_2019-11-08_at_1.51.47_PM.png

 

Note: You can only make one sign-in option (SSO for attendees or Pre-created Attendees Profile) available at any one time. The other sign-in option will be disabled when either is selected.