- Logon to Reetro and on the left menu go to “Admin Controls”

 

- On the “Admin Controls” click on the Single sign on tab

 

- Leave this window open for the moment - we'll need this information to complete configuration of the reetro app in OKTA.

-In your OKTA admin dashboard, select Add Application

 

-Click the Create New App button.

 

-In the "Create a New Application Integration" dialog:

 

Select "Platform": Web  

Select "Sign on method": SAML 2.0

 

-Click Create

-Following window will open

 

 

-On the Create SAML Integration, General Settings screen

  Enter "App name": Reetro

  Upload the Reetro logo (you can download the one below)

-Click Next

-Following screen will open

 

 

In the above from, you need to add following details

1- Single sign on URL: [copy the Login URL from SSO tab from the Reetro app]

for example : https://www.reetro.app/xxxxxxxxxxxxxx/api/saml/login/callback

Remember to add the /callback at the end of URL

2-Audience URI (SP EntityID):[copy the SPIDENTITYID URL from SSO tab from the Reetro]

3- Select "Name ID format": EmailAddress

4- Select "Application username": Email

5- In the "Attribute Statements (Optional)" section, add the following entries firstName [Unspecified] user.firstName

lastName [Unspecified] user.lastName

email [Unspecified] user.email

 

 

6- Press Finish

 

Now you need to download the certificate from OKTA and copy the values needed for configuration in Reetro.

1- Click on the Credentials Details

2- Copy the values from “Identity Provider Single Sign On URL”

3- Copy the value from “Identity Provider Issuer”

4- Click on “Download certificate”

   

1 :In Reetro Go to left menu and click on “Admin Controls”

2 : Click on “Single Sign On” tab

3 : Add a friendly name

4 : Add IDP Entity URL from above step

5 : Add “Login SSO URL” from the above step

6 : Add “Logont SSO URL”

7 : Copy the contents for Certificate in “Signing Certificate” text box

8 : Click Save

 

How to test

- Go to the login page and click SSO Login

-Type email in SSO login page.

-Fill out credential on OKTA login page. If it is correct, you will be logged in the website automatically.

 

- Logon to Reetro and on the left menu go to “Admin Controls”

 

- On the “Admin Controls” click on the Single sign on tab

 

- Leave this window open for the moment - we'll need this information to complete configuration of the reetro app in OKTA.

- Open OneLogin dashboard in new tab or window

- In your OneLogin admin dashboard, Click on applications

-Create app and provide name details

 

 

-Click on Add app

 

 

- Search the SAML app

 

 

-SAML Test Connector (Advanced)

-Create app and provide name details

 

 

Now go to configurations

Now copy paste the urls from Reetro configuration page to onelogin on following fields

   

 

Add the /callback after each url

Now go to the Parameters

And add following parameters

Nameid ,email, firstName, lastName

   

While adding parameters remember to check mark the (add SAML insertion check box ) for each parameter

For name id

 

For field email

 

For firstName

 

For firstName

 

Click SAVE

Download the IdP metadata file - MORE ACTIONS > SAML Metadta soon you will need this.

1 :In Reetro Go to left menu and click on “Admin Controls”

2 : Click on “Single Sign On” tab

3 : Add a friendly name

4 : Add IDP Entity URL from above step

5 : Add “Login SSO URL” from the above step

6 : Add “Logont SSO URL”

7 : Copy the contents for Certificate in “Signing Certificate” text box

8 : Click Save

 

How to test

- Go to the login page and click SSO Login

-Type email in SSO login page.

-Fill out credential on OKTA login page. If it is correct, you will be logged in the website automatically.

 

- Login to your G-suite as admin

- This menu is shown select the Admin

 

 

-Select -> apps -> SAML apps

 

 

-Click on Add apps

 

 

-Click on add custom SAML app

 

 

Create app

   

 

Use these credentials to copy into reetro.io

   

SSO URL and entity id into reetro

 

Now copy these urls into G-suite

 

Paste it here

Add NAME ID AS EMAIL

Now add attributes

Now enable the app for available to all domain users

Now test the app if the connection works

- Go to AzureAD Account -> Go to All Services-> Select Enterprise Applications-> Browse Azure AD Gallery (ppreview) -> Select Add and application

 

 

Create the as defined in above step now after creating the app go to right menu of option list of that app Overview as shown in below screenshoot

 

 

Now from the Overview screen select the option as shown in above screen Select ( Set up single sign on )

 

 

Now from above screen select the ( SAML ) The saml will open the all the settings as shown in below screen

 

 

Here in above screenshot fill up the required fields as shown as red color marked click on it and fill these fields from the Reetroapp -> SSO tab-> the urls of “SP Identity ID” and login URL and logout URL

Copy Reetro field of ( SP Identity ID ) and Paste it in AzureAD field: Identifier (Entity ID)

Copy Reetro field of ( login URL) and Paste it in AzureAD field: Identifier (Reply URL)

Copy Reetro field of ( logout URL) and Paste it in AzureAD field: Identifier (logout url)

While copying login url and logout url field from reetro to Azure AD, Please also add /callback to the end of url

E.g

Reetro Login URL: https://www.reetro.app/60270bexxxxxxxxxxxxxx/api/saml/login

Add ( /callback ) when pasting it in Azure AD

Check the following screenshot

   

 

Now successfully copy/pasting urls correctly now check the next step

   

It will look like this when Basic SAML configuration is filled in above screen.

Now set the attributes by going to (User Attributes and Claims) option as shown in

Above screen click the (Edit button)

After opening the edit screen the below screen will be shown

 

Now Click on the (Add new claim) and fill it as it is shown in (Additional Claims and value)

Claim name: Email Value: user.mail

Claim name: firstName Value:user.givenname

Clain name lastName Value:user.surname

Put all these new claims and remove all others make sure it looks like as in screen above

After this step now copy/download the Certificate and paste it in Reetroapp -> SSO page -> Signing certificate field

Download the certificate as (Certificate (Base64)) then open it -> copy it-> paste it at Reetroapp -> SSO page -> Signing certificate field

Now follow the Step 4 from the above screen

Copy AzureAD field: Login URL and paste it Reetro field of ( Login SSO URL)

Copy AzureAD field: Azure AD identified and paste it Reetro field of (IDP Entity URL)

Copy AzureAD field: Azure AD identified and paste it Reetro field of ( Logout SSO URL )

And successfully copy pasting it press save changes in Reetro app as in below screen

Now add the users for this app

Once users are added -> Now go again to Signle sign on-> and test the connection