Integrate Okta SSO

Okta SAML/SSO integration

Connect Okta with Tallyfy using SAML-based Single Sign-On (SSO) for automatic authentication and user provisioning. Takes about 30 minutes.

Coordination required

SSO setup requires exchanging config between your organization and Tallyfy. You can’t do this alone - submit a support ticket to get started.

Requirements

• Okta administrator account
• Tallyfy Professional or Enterprise plan
• SAML configuration values from Tallyfy Support

Setup overview

1. Create an Okta SAML application
2. Configure settings in both systems
3. Turn on SSO and test it

Phase 1: Create Okta SAML application

Step 1: Create a new app

1. Sign in to the Okta Admin Console

2. Switch to Classic UI from the dropdown in the top left header

   

3. Go to Applications > Applications

4. Click Add Application

   

5. Select Create New App

   

6. In the dialog, select Web for Platform

7. Select SAML 2.0 for Sign-on method

8. Click Create

   

Step 2: Configure general settings

1. Enter “Tallyfy” as the application name
2. Optionally upload the Tallyfy logo
3. Click Next

Phase 2: Configure SAML settings

Step 1: Obtain Tallyfy SAML values

Grab Tallyfy’s SAML values first - these tell Okta where to send login data:

1. Contact Tallyfy Support to access your organization’s profile
2. Go to the Org Settings tab
3. Click Add Configuration Details
4. Find the default SAML values section

Step 2: Enter SAML settings in Okta

Now configure Okta with those values:

1. Single Sign On URL: Enter the value from Tallyfy’s “SP ACS URL” field

2. Keep Use this for Recipient URL and Destination URL checkbox selected

3. Audience URI (SP Entity ID): Enter the value from Tallyfy’s “SP Entity ID” field

   

4. Click Show Advanced Settings

5. Change Authentication context class to X.509 Certificate

Step 3: Configure attribute statements

Tell Okta which user info to send to Tallyfy:

Name	Name Format	Value
email	Unspecified	user.email
FirstName	Unspecified	user.firstName
LastName	Unspecified	user.lastName

1. After adding the attributes, click Next

Step 4: Complete Okta configuration

1. Select I’m an Okta customer adding an internal app
2. Check This is an internal app that we have created
3. Click Finish

Phase 3: Configure Tallyfy with Okta info

Step 1: Get Okta SAML details

1. Go to the Sign On tab in your Okta application

   

2. Scroll down and click View Setup Instructions

   

3. The page shows the identity provider’s SAML config details

Step 2: Send details to Tallyfy Support

1. Send the Identity Provider Single Sign-On URL to Tallyfy Support
2. Send the Identity Provider Issuer to Tallyfy Support
3. Send the X.509 Certificate to Tallyfy Support
4. Tallyfy Support configures these values in your organization’s SAML settings

Step 3: Enable SAML authentication

After Tallyfy Support confirms your settings are configured:

1. Toggle the SAML activation switch to enable SSO for your organization

User provisioning and access

Once SSO is active:

1. Get the Tallyfy login URL from the SAML configuration modal (Tallyfy Support provides this)
2. Share this URL with users who have access to the Okta application

How it works for your users:

• Already have a Tallyfy account? They log in automatically
• No account yet? Tallyfy creates one on their first login

SSO authentication flow

The full authentication process from setup to user access:

Key points:

• Steps 1-6 are the one-time setup between your Admin and Tallyfy Support
• Steps 7-14 happen every time a user logs in
• Tallyfy auto-creates accounts for new users (step 13) using the email and name attributes from Okta

Troubleshooting

Can’t log in? Check these first:

• Is the user assigned to the Okta application?
• Are attribute mappings exactly right? Names and formats matter.
• Are users hitting the SSO URL, not the regular Tallyfy login page?
• Still stuck? Contact Tallyfy Support.

Advanced Okta integration with AI tools

Okta’s OAuth 2.0 support and cross-domain authorization standards work well for AI system integrations. Want to extend Okta identity governance to AI-powered workflow apps? Check out enterprise SSO patterns with MCP servers.

Related articles

Authentication > Integrate OneLogin SSO

Tallyfy integrates with OneLogin through SAML-based Single Sign-On by having an admin create a custom SAML connector in OneLogin and exchange configuration values like ACS URLs and X.509 certificates with Tallyfy Support so that team members can authenticate through a special SSO login URL with automatic provisioning for new users on first access.

Authentication > Integrate Microsoft Entra ID SSO

Tallyfy integrates with Microsoft Entra ID (formerly Azure Active Directory) for SAML-based single sign-on by having an admin create an enterprise app in Entra ID and exchange SAML configuration values and certificates with Tallyfy Support so that users can log in automatically and get accounts provisioned on first access.

Authentication > Integrate JumpCloud SSO

Tallyfy integrates with JumpCloud through SAML-based SSO by creating a custom SAML app in JumpCloud and exchanging identity provider metadata and service provider configuration with Tallyfy Support to enable automatic login and just-in-time user account creation for assigned users.

Authentication > Integrate Google Workspace

Tallyfy integrates with Google Workspace through SAML-based Single Sign-On by creating a custom SAML app in the Google Admin console and exchanging configuration details (SSO URL and Entity ID and certificate) with Tallyfy Support so users authenticate with Google credentials and new accounts are automatically provisioned on first login.

Was this helpful?

YesNo