Demo: SAML Integrations (Vault & Fill & Assigning Applications)
Transcript
Details
Speaker 1: We will now show the configuration of two vault and fill apps. The first will be an app that's in Oka's industry leading catalog of over 5,000. The second will be an app that's not in our catalog. In both cases, Okta employs a proven SSO browser plugin that's heuristics-based, so it's self-healing. What this means is that, if a website's login page changes, the plugin will be able to intelligently detect it and post the credentials without issue. Nothing needs to change on the Okta side.
Speaker 1: I'll go ahead and add [Teladoc 00:00:00:28]. This will be our first application. I'll then get to choose the application visibility and then I'll also get to choose whether or not to sign the user in automatically.
Speaker 1: Next, I'll choose how to allow the user or the admin to set the username and password. I can give the user full autonomy as seen here, or I can have the administrators set the username and password and maybe hide those credentials from the end user. This may be useful for the case of, let's say, a shared Twitter account. Finally, I'll choose whether or not to allow the user to see the password. Then I can assign the user to the app. I'm going to skip this step for now. And that's it. Very simple.
Speaker 1: Oka's catalog is the most comprehensive in terms of breadth and depth as you can see here, but we haven't added all applications yet, as the list keeps growing. If you can't find an app, we provide a wizard-driven approach that allows you to quickly and easily add new apps. Let's see this in action. I've been hearing a lot about this application called Sofi. Apparently it's a loan or mortgage application and I don't see it in Okta, so let's go ahead and create it.
Speaker 1: It is a secure web authentication app, meaning this is Oka's terminology for fault and fill. I'll give it a name of Sofi Loans and I need the login page URL, so I'll go to sofi.com. I'll go to the login page and I'll just copy and paste this URL into Okta.
Speaker 1: Next, I'll show the end user experience to illustrate how well the heuristics works. First I'll assign myself this application. By doing so, I'll get the chiclet on my dashboard. Let's now check out the dashboard and click on this newly assigned chiclet.
Speaker 1: Okta then prompts me to enter in my Sofi credentials. I'll click on this green button to save those credentials and Okta is now using its heuristics. It found the username, the password and the login button, and all we provided was the URL to Sofi.
Speaker 1: We'll demo three ways of assigning users their apps. First, we'll assign the app we configured I, element 3.5 to an individual user. Then we'll show how groups can enable bulk assignment to [veps 00:02:54], and finally we'll allow end users to add their own apps.
Speaker 1: As mentioned earlier, Okta has over 5,000 prebuilt app integrations. You can get a sense of this by scrolling through our app catalog, which conveniently displays 20 apps at a time. When you get to the bottom of the list, you can simply click this Show More button and this adds 20 more apps added alphabetically to that previous list. These are all prebuilt and out of the box integrations.
Speaker 1: You might've noticed that on the left hand side, these apps are all categorized by industry, and at the top these apps are also alphabetized. This makes Okta's massive catalog organized and searchable, so giving users access is easy. Let's see this in action. I want to grant Peggy access to the app called Teladoc that we previously set up with the point and click interface. I'll do a individual assignment and give Peggy access.
Speaker 1: This is good for ad hoc assignments, such as to an administrator. I've granted her access. Let's go back to her end user interface and she now sees the chiclet in her dashboard. Next, we'll grant a user access to several apps in one fell swoop. This is what most customers want and it's traditionally achieved via roles or groups. I've added 15 marketing apps in the same way I added Teladoc, and then I assigned it to a group called Marketing. Let's take a look at that.
Speaker 1: So within the marketing group, you can see all the apps that I've assigned it. Let's go ahead and assign one more application. This application is called the Blue Hornet. It's a marketing application. Now let's assign Peggy to this group. By doing so, she'll get access to all the apps that are attached to this group. Peggy has now been assigned, and let's go back to Peggy's end user interface. Peggy now gets those 16 applications that were conferred by the group.
Speaker 1: Finally, let's switch things up and allow the end user to add their own applications via self-service. As an administrator, I can select the apps that I want to make available to my end users. I have a list of apps here. I'll go ahead and select all the applications that start with numbers, and that's it from the administrative side. Now as the end user, I'm going back to my dashboard and I'll click on this green button to add a new app. You'll see here that I have all these apps that I just configured. I'll go ahead and add this one called 24 Hour Flex. I'll go back to my dashboard and you'll see here that 24 Hour Flex has been added to my dashboard, so this gives a user power to add things at will.
Through our custom user authentication and application management settings, we’ll demonstrate how to configure an application connection that will use ID and password form fill, and automatically enable them for access by users.