Axero supports Okta integration for single sign-on (SSO). This page covers information about Okta SSO, walks you through configuring Okta SSO on your intranet, and provides solutions to common issues. For more information or assistance from the Axero team, submit a private case.
Upon visiting your intranet, users will be redirected to the Okta login page.
Logging in with Axero credentials
You can allow users to log in using Axero credentials. Set System Properties > EnableAutoLoginViaSaml to false. When this property is set to false, users will see the Axero login page. Users can either log in with Axero credentials or click Login via SAML to sign in using Okta credentials.
After entering the site URL, mobile app users will be redirected to the Okta log-in page.
You can allow users to log in using Axero credentials. Set System Properties > EnableAutoLoginViaSaml to false. When this property is set to false, users will see the Axero login page. Users can either log in with Axero credentials or click SSO Login to sign in using Okta credentials.
Axero creates a user when the user logs in for the first time. However, you can add users to Axero before they log in using the methods below.
Bulk import users
Pre-populate users with Bulk Import Users. The Axero usernames you create must match the usernames in Okta.
Add users
You can add users in Control Panel > People > Manage People > Add User. The Axero username you create must match the username in Okta.
REST API
You can use our REST API to import users - REST API: Add User, REST API: Update User Profile Fields.
Adding Axero administrator accounts
If Axero administrator accounts are created before Okta is set up and the Axero usernames match Okta usernames, the administrator accounts will sync with the corresponding Okta accounts. If not, you must re-configure permissions for the admin Okta accounts and remove the previous Axero administrator accounts.
Any data can be imported from Okta if there are corresponding User Profile Fields in Axero. Attribute mappings must be added to Control Panel > System > Single Sign On > Data Mapping > SAML. Enter the attribute name as the property name in Axero. See the table below for common fields to import.
* The country code in Okta must match country options in Axero exactly.
You can also use our REST API to import user data into Axero.
User data is updated in Axero every time a user logs in.
Email and username change
When a user's email is changed in Okta, the user's Axero email will be updated the next time they log in. The Axero username will not be changed and must be updated manually by a site administrator.
When a user's assignment is removed in Okta, the user cannot log into Axero using Okta.
The user's account will still be active in Axero. You can Delete User and their content or reassign their content to another user or to the system anonymous user. You can also Ban User, which will retain their content.
Return to top
This guide walks you through how to enable Okta SSO in Axero. Client-side setup is estimated to take 1-2 hours, and Axero team setup is estimated to take 1-2 hours. The time to set up SSO can vary based on how long it takes to set up internal systems and provide the Axero team with the required information. The total time for setting up SSO may take up to 1-2 business days.
Once you complete the guide, Okta SSO will be active on your intranet. If you run into any issues, submit a case here for assistance.
Assign users or groups to the app.
To configure provisioning, see Okta SCIM Configuration Guide.
You can add Okta Groups into your Axero SAML fields by doing the following:
1. Go to Control Panel>System>Single Sign On
2. Under Data Mapping, select Type SAML.
3. Click Add. Enter the label you wish to call the grouping property (in this example, it's called GroupName), then select Okta Groups from the drop-down. Click Update.
4. Navigate to your Okta Administration page and select the application for Axero.
5. Click the Sign On tab. Under Settings, expand the Attributes, then press Edit.
6. Scroll down to the Group Attribute Statements (optional) section and add the "GroupName" label made in Axero with the Filter "Matches regex" and Value "\w+".
7. Scroll down and Click Save.
8. Now the Okta Grouping comes across as a property for users to be acted upon.
EXAMPLE Personas:
All users will have a unique username that is separate from their email. If you would like your users to log in to Axero with their email address and restrict them from using their username as log-in credentials, please follow the steps below:
Login to the website as an administrator.
Navigate to Control Panel>People>User Profiles.
Now, edit the login page.
Edit the Email or Username field under Login to your account tab.
You can select how you want your users to log in to Axero.
Exception: "The partner identity provider http://www.okta.com/xxxxxxxx is not configured."
Go to Control Panel > System > Advanced System Utilities and click Restart Site.
Exception: "UserRepository.AddUserWithSAMLActiveDirectoryProperties Error" when a new user tries to log in. "InvalidPassword" in the stack trace.
Go to Control Panel > System > General Settings > Advanced Settings. Set "Maximum length for password" to a value over 25.
Exception: "UserRepository.AddUserWithSAMLActiveDirectoryProperties Error" when a new user tries to log in. "Failed" in stack trace.
Go to Control Panel > System > General Settings > Advanced Settings. Set "Minimum length for username" to a lower value. Set "Maximum length for username" to a higher value.
is requesting access to a wiki that you have locked: https://my.axerosolutions.com/spaces/5/communifire-documentation/wiki/view/95490/okta-sso?locale=en-US%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f1%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253fact%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253d1%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252f%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253fSpaceID%2525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525252525253d5
Your session has expired. You are being logged out.