KRMC offers the ability to connect to an external OKTA or similar SAMLv2 authentication site.
NOTE: If you are using Multi-Factor with KRMC, you will still need to apply the MFA security after SAML authenticates.
Here's how to configure it:
- On your OKTA administrative account, select Create App Integration.
- When the app integration screen appears, make sure you choose SAML 2.0 type authentication.
- Choose Next .
- You can name the App anything you like, I'm using KRMC. You can also add an App Logo.
- Choose Next.
- Configure the Single sign-on URL to be https://krmc.kanguru.com/app.php/saml_login
- Configure the Audience URI (SP Entity ID) to be https://krmc.kanguru.com
- Leave the Default RelayState Blank.
- The Name ID Format should be Email Address format.
- The Application username should be Email.
- Leave the Update Application Username on the default
- Choose Next.
- You can select whatever option you'd like in the Feedback section and choose Next.
- Open up the newly created application and collect the certificate generated by OKTA.
- Login to your KRMC account as an Administrator.
- Under the Settings tab, select the Server Settings menu item.
- Scroll down to your SAML Settings area.
- Set the Entity ID to the OKTA name of your company's account.
- Provide the SAML SSO URL, this is the full URL of you OKTA account.
- Add the Certificate that was generated by OKTA from your new application.
- You can choose to Allow administrators to login using KRMC, SAML only, or Both.
- Save your SAML Settings on KRMC.
- Going back to the OKTA account webpage, make sure you add your new application to the required users' accounts. Validate that the information your sending to the application is an email address.
Now you are ready to test it, send an email to Kanguru Support if you need further assistance at firstname.lastname@example.org or call us at 508-376-4245 option 2.