📝 Please note: this setup guide is for Scale accounts only. Build and Train accounts do not have access to this integration.
📕 Step 1
Connect Trainual as a new application within your Okta dashboard.
Click “Applications” in the side navigation of your Okta dashboard.
Click “Create app integration.”
Select “OIDC - OpenID Connect” as the sign-on method.
Select the “Web application” type.
You'll then be led to application settings:
Name: Put “Trainual” (or whatever makes sense for you).
Sign-in Redirect URI: Copy and paste https://app.trainual.com/users/auth/oktaoauth/callback
Sign-out Redirect URI: Skip/clear this field. Trainual does not currently support the sign-out redirect flow.
Base URI: Skip/clear this field as well unless this criterion applies to your account setup. If it does apply, add URI(s) as necessary.
Assignments: If you already created custom groups in Okta, feel free to add those groups here. If not, select “Allow everyone in your organization to access.”
📕 Step 2
Next, you'll be redirected to a page in your Okta dashboard that provides the client ID, client secret, and Okta domain. Don't close this page.
In a new browser tab, head to your Trainual account to connect Okta as an integration.
Note: Make sure to log into Trainual as an admin.
Click your Profile Icon at the top right corner of your screen.
Click connect your “Okta account.”
Copy over the client ID, client secret, and Okta domain from your open Okta tab and paste them in the correlating fields in Trainual form.
Please note: If the integration is successfully connected, you'll see two buttons appear on the Okta integrations page within Trainual: "View integrations" and "Deactivate integration."
To test the single sign-on with Okta, sign out of your Trainual account. Then, head back to the login page. You should now see a “Sign in with Okta” button.
If you don't see this button, try clearing your browser history and refresh your page.
Click Sign in with Okta to authenticate with your Okta credentials
Please note: When you login using the Okta integration, you'll be prompted to authenticate using your Okta credentials. After that, you will automatically be signed on via Okta when they return to Trainual. If you'd like to add additional users to Okta, proceed to step 3!
(As Needed) Adding users to your Okta dashboard
Steps 3 through 5 outline how to add users to your Okta dashboard so that they can utilize the Trainual-Okta SSO integration.
📕 Step 3
Log in to Okta as an “Administrator” here.
📗 Step 4
Add a user in Okta.
In the Okta admin console, click “Directory” from the side navigation.
Click “Add person.”
A form will populate that looks like this:
Fill in the following fields:
3. User type: User
4. First name
5. Last name
6. Username = users email
7. Groups: This can be skipped unless you've personally added groups in Okta.
8. Password: Set by user.
9. Check the box: Send user activation email now.
10. Click “Save.”
📘 Step 5
The user will receive a welcome email from Okta that looks like the following example:
The email includes:
A link to activate Okta
User's email (username)
Organizations' direct sign-in page
Okta activation links expire 7 days after they’re sent. Users must set their own password before the link expires.
📝 Please note: You will still need to add people to your Trainual account in order for them to be active in your account and for the SSO login to be effective.
Learn how to add new teammates here!
If you have additional questions, please feel free to email firstname.lastname@example.org.