Who can use this feature?
Available on Enterprise plan.
Accessible to Owners and Admins on Web App.
Alohi SSO works across Fax.Plus and Sign.Plus. To enable Single Sign-On (SSO) for your Fax.Plus or Sign.Plus account through Okta and allow your team members to access Fax.Plus or Sign.Plus from their Okta dashboard, ensure that you have Admin access for all Fax.Plus/Sign.Plus and Okta.
Once confirmed, follow these steps to activate SSO via Okta:
Step 1: Configuring your Okta dashboard to add a new custom application named "Alohi"
- Make sure the application label is set as “Alohi” and click Done to complete the installation.
- Create a new app integration and select SAML 2.0. Then enter the information as below:
ACS URL: https://sso.alohi.com/login Entity ID: https://sso.alohi.com/metadata Name ID format: EmailAddress Application username: Email - In the Attribute Mapping section, make sure to add the “First name” and “Last name” as attributes:
- Under the Alohi SSO app settings, go to the “Sign On” tab, click on the “View SAML setup instructions” button, and keep a copy of:
Identity Provider Single Sign-On URL, Identity Provider Issuer, X.509 Certificate
Step 2: Configuring Alohi SSO on your Sign.Plus or Fax.Plus admin panel
- Log in to your account and go to the Security tab under the Profile section.
- In the Company-Wide settings, find the Single Sign-On (SSO) item and click the Activate button to start setting up the SSO to your account.
- Fill out the configuration form with the information provided by your IdP. Make sure you select “Alohi SSO”.
- Press Next to receive the SCIM Token that is required for the next step.
- On this screen, you can also configure how you want your users to be added to Alohi products.
Step 3: Enabling SCIM provisioning on Okta
- From the General tab on Okta enable the SCIM provisioning.
- Fill out the information as below:
SCIM connector base URL: https://sso.alohi.com/scim/v2 Unique identifier field for users: userName Supported provisioning actions: - Import New Users and Profile Updates
- Push New Users
- Push Profile Updates
Authentication Mode: HTTP Header Authorization: Paste the SCIM token from the previous step - You can Test Connector Configuration to make sure this configuration is correct, then press Save.