This article is best for system administrators.

Single Sign-On (SSO)

SSO communication is made using the SAML protocol. PlusPlus has a pre-set integration for Okta which makes it easier to install the integration with minimal configuration. The attributes requested by this default integration are:

  • “Email” for the user’s email attribute
  • “First Name” for the user’s name attribute
  • “Last Name” for the user’s last name attribute
  • "Picture" for the user’s profile picture

To enable the Okta integration, go to Go to Menu > Settings > SSO & Security. Look for the “Single Sign-On (SSO) Providers” section and activate “Okta SSO”.

Regardless of the pre-set integration, customers are free to set up custom SAML integrations within Okta (or any other SAML provider) and connect it to PlusPlus using a "Custom SAML Provider" (as described in the PlusPlus SSO and Security setting page). To learn more about how to set up Okta as a custom SAML provider, see How to set up SSO with a custom SAML provider.

Provisioning

Provisioning happens following the SCIM protocol. Using REST architecture and JSON objects, the SCIM protocol automatically provisions and deprovisions users. The webhook on our side expects a request with a user identification (id or email) and a request header with the Token (which can be found at the SCIM section in the "Custom SAML Provider" settings page). The SCIM integration is not mandatory and should be manually activated in OKTA after the application is set up.

If you want to learn more about how to provision users with SCIM, please see:

Did this answer your question?