If you're on our Enterprise Plan, you already have access to many powerful features, including Single Sign-on (SSO) configuration with Okta. This is a great way to manage login access to your Muzeek accounts for your organization.
To do so, you're going to need to ensure you are an admin in your Okta organization. On Muzeek’s side, you will also need to be an owner of the Muzeek account.
Note: Ensure the Username field for each user in Okta is a valid email. Additionally, if you are using Muzeek’s “Roster” functionality, you will need to be an owner on the main/collective roster account.
Supported features included are:
SSO (Open-ID Connect)
SP-initiated flow (sign in from Muzeek)
IDP-initiated flow (sign in from Okta)
Firstly, add the Muzeek app to Okta and find your credentials
Here's how:
Login into Okta
In the Dashboard view of your Okta organization, in the left menu underneath "My Apps", click on “ Add Apps”
Search for Muzeek from the catalog, then click "Add"
Go back to the dashboard and click on the Muzeek app
Click the “General” tab and make a note of the following:
Client ID and Client SecretClick your Okta user menu (normally on the top right) and copy the Okta URL Domain your organization uses. Here's an example of where to find it:
(Note: only the "[yourcompanyname].okta.com" URL would be your Domain. Be careful not to use the "admin-" string or the "Embed Link" URLs, as either of those won't work!)
Once you have these 3 values located, you are ready to add them to Muzeek; you will use these values in the following steps on Muzeek’s side.
Setting up and inserting your Okta credentials in Muzeek
Here's how:
Sign in to your Muzeek account (for Rosters, sign in to the main Collective account that controls Roster capabilities)
Go to the Muzeek Settings page
Select “Integrations” tab from the top menu
Fill in the Okta credentials (Domain, Client ID, Client Secret)
Hit Save at the top of the page
Assigning the Muzeek app to a user on Okta’s side
Here's how:
From the Admin view, click “Directory” in the left menu
Click “People” and select a person
Select “Assign application”
Next to the Muzeek app select “Assign”
Assigning the Muzeek app to a group on Okta’s side
Click “Directory” in the left menu
Click “Groups” and select a group
Select “Manage apps”
Next to the Muzeek app select “Assign
Logging in to Muzeek after you're Connected
SP-initiated flow (from Muzeek)
On the Muzeek home page click "Login"
Enter your login email address associated with Muzeek & Okta (it will instantly recognize if your email is linked to Okta)
Click "Sign in with Okta"
Note: Upon clicking the button you’ll be taken over to Okta to sign in with your Okta credentials, if you aren't logged into Okta already — and then return back into Muzeek (signed into all your accounts)
IDP-initiated flow (from Okta)
Go to the Okta apps dashboard,
Click the Muzeek app tile
This will open up Muzeek in a new browser tab (signed into all your accounts)
Note: From the Okta apps dashboard, clicking the Muzeek app tile will open up Muzeek in a new browser tab (signed into all your accounts)
Important things to consider:
Turning on Okta SSO for your Enterprise account will force all users tied to the account to sign in with Okta
Turning on Okta SSO for your Enterprise account with a roster will force all users tied to all accounts within the roster to sign in with Okta
Once your email is tied to an Okta SSO, you will need to use Okta to sign in to all your Muzeek accounts associated with that email address
Ensure any updates to the account email in Okta is updated in Muzeek as well
Especially if you are using a shared computer, once you have signed out of Muzeek, make sure to also sign out of Okta
When adding Okta credentials in Muzeek, test signing in from a different browser session to confirm the Okta credentials are valid and working before signing out of your account.
Of course, if you have any questions, don't hesitate to reach out to our Support channel!