InVision Cloud V7: SSO—Configuring Okta for use with InVision
We’re in the process of making some changes to our SSO implementation in InVision Cloud V7 and have temporarily disabled the option to setup or change SSO while those changes are underway. If you need to urgently change your SSO settings and you’re using Cloud V7, please
contact InVision Support
To configure Okta for use with InVision Cloud V7, there are four main steps to the process:
Add InVision as a new application in Okta.
Add your users to the application.
Download the metadata for the application.
Configure Okta in InVision Cloud V7.
This document walks you through that process.
Adding InVision as a new application in Okta
Sign in to Okta as an admin. In the top navigation bar, click
Applications. Click the
Add Application button.
In the top-left search field, enter "InVision V7."
Next to the Okta Verified app named
InVision V7, click Add.
There may be several apps with "InVision" in the name. Be sure to choose the Okta Verified app named
On the following
General Settings page for InVisionApp, navigate to the SubDomain field and enter your InVision subdomain. Click Done.
Assignments tab, Click the Assign button to assign people or groups who should be able to access InVision. If you don't add them, they won't be able to access InVision via Okta.
Once you have finished assigning people, click the
Sign On tab. Click the
Identity Provider metadata link and copy the metadata. You'll need to send this metadata to complete the configuration process in InVision Cloud V7.
Configuring Okta in InVision
To perform this action, you must be an admin or owner on the Enterprise account.
With InVision Cloud V7, you can configure Okta directly from your team's settings.
To configure Okta:
Sign into your Cloud V7 enterprise account.
At the top of the page, click
Team. Click the
Settings tab, and then click Single sign-on. Toggle on
Require SSO for every member of [your Enterprise team].
With the information provided in Okta’s Identity Provider metadata file, fill out the SSO settings page.
Name: Set any name you want for the configuration.
Sign-in URL: Use the URL provided at the end of the metadata file in the
Sign-out URL: Okta does not support SLO, so leave this blank.
SAML Certification: Copy the certification provided in the
ds:X509Certificate attribute of the metadata file.
Name ID Format:
HASH Algorithm: SHA-256
SSO Button Label: Set any text you’d like for the SSO button that appears when signing in. Click
Now when any user attempts to sign in to your InVision Cloud V7 subdomain, they will be prompted so use SSO with Okta.
At this time, native authentication cannot be enabled when SSO is enabled. This means all users will need to sign in via SSO when it is enabled.
Was this article helpful?