The Vudoo Single Sign On (SSO) integration uses an OpenID Connect identity layer to securely connect to your Okta instance. This connection is made by setting up a custom Vudoo Connect App in your Okta instance, letting you assign selected users through a group. This way, selected users can easily log into the Vudoo platform with one click.
This document will step you through setting up the Vudoo Connect App as a once-off setup, as well as how to add users to the Vudoo app when needed!
Note: You must be an administrator of your Vudoo and Okta instance to set up this application.
Before you start
What you will need to follow this guide:
Administration access to Vudoo
Write access to Okta for editing/creating applications, groups, authentication servers and users
Your Vudoo account’s Group ID
This can be obtained by your Vudoo administrator
Your Vudoo account region URL
This is the Vudoo platform URL given to you by your Vudoo representative to access your Vudoo account
Step 1 - Let’s start in Okta
Log into your Okta instance as an administrator
Follow the steps below
Step 2 - Vudoo Group setup guide
In the left-hand navigation click “Directory -> Groups”
In the page that loads, click “Add Group”
Enter the new group details
Name: Vudoo Group ID
Description: Vudoo platform account group id
Click Save
Step 3 - Vudoo Connect App setup guide
In the left-hand navigation click “Applications -> Applications”
In the page that loads, click “Create App Integration”
A pop up modal will then be displayed
Select “OIDC - OpenID Connect”
Then “Web Application”
Click Next
In the New Web App Integration page that is loaded, set the App integration name to Vudoo Connect
In the logo section, you can add the Vudoo logo (or skip this section)
In the Grant type section select or check
Client Credentials
Authorisation Code
Implicit (hybrid)
In the Sign-in redirect URIs section, copy your account region URL and paste it in the input field with this prefix: /xauth/p/token/okta, e.g. example.vudoo.io/xauth/p/token/okta
In the Sign-out redirect URIs section repeat Step 9. You can skip the Trusted Origins section if you like
In the Assignments section
Select or check Limit access to selected groups
Start typing Vudoo in the Selected group(s) input field. An autocomplete will be displayed, then select the Vudoo Group ID group we created earlier
Click Save
Step 4 - Back to Groups
In the left hand navigation click “Directory -> Groups”
In the page that is loaded, click on the Vudoo Group ID group
In the People tab click Assign People
Select the people you want to assign by hovering over the person then clicking the plus icon
Press Save when you have added all the people you need.
In the Applications tab click Assign Applications (If not already assigned)
Search and select the Vudoo Connect application by clicking Assign
Enter in your Vudoo account’s Group ID in the input field
Click Save and Go Back
Click Done
Step 5 - Back to Applications
In the left hand navigation click “Applications -> Applications”
Search and click on Vudoo Connect
Click on the Sign On tab
In the OpenID Connect ID Token section click Edit
In the Groups claim filter section type in groups as the claim name if not already there
Select Contains in the dropdown menu
Enter in Vudoo in the last input field
Click Save
Step 6 - Security setup guide
In the left hand navigation click “Security -> API”
Click Add Authorization Server
In the pop up window fill in the fields like below
Name: Vudoo single sign on
Audience: YOUR_VUDOO_URL
Description: Authorization server for Vudoo single sign on
Click Save
Click on the Claims tab
Click Add Claim
In the pop up window fill in the fields like below
Name: vudoo_group_id
Include in token type: ID Token | Always
Value type: Expression
Value: YOUR_VUDOO_GROUP_ID
Disable claim: Unchecked
Include in: select The following scopes, then search for profile in the input field and select when it shows up
Click Create
Click on the Access Policies tab
Click Add Policy
In the pop up window fill in the fields like below
Name: Vudoo policy
Description: Default Policy for your Vudoo Authorization Server
Assign to: All clients
Click Create policy
Click Add rule
Enter in the Rule Name: Default Policy Rule
Make sure the following are checked leave the rest unchecked
Client Credentials
Authorization Code
Implicit (hybrid)
Resource Owner Password
Any user assigned the app
Any scopes
Click Create Rule
We’re all done with setting up your Okta Vudoo Connect Application!
Step 6 - Over to Vudoo’s platfor
Leave your Okta instance browser window open. We’ll need to come back to your new app settings
Log into your Vudoo instance in a new window as an administrator with your Vudoo credentials
In the top right profile navigation select Account settings
Scroll to the bottom to the Login Options
Click Setup SSO
Select Okta as your SSO Service
Head back over to your Okta instance
In the left hand navigation click “Applications -> Applications”
Search and click on your new Vudoo Connect application
In the Client Credentials section copy the following
Copy: Client ID
Open the Vudoo browser window and paste the Client ID in the SSO Integration Client ID input field
Repeat this for your Client secret
Back over to Okta
In the left hand navigation click “Security -> API”
In the loaded page copy your Authorized Issuer URI
Back over to Vudoo and paste it the Authorized Issuer URL input field
Click Add integration
We’re all done with setting up your Okta Vudoo Connect Application on both Okta and Vudoo. Let’s test it out!
Step 7 - Testing your new SSO connection
Logout of your Vudoo instance
You should now see your Okta sign in button
Click the Sign in with Okta button
If you’re already signed into your Okta instance then you should be automatically logged into Vudoo
If you need to sign into your Okta instance then type your credentials in, then you will be automatically logged into Vudoo
Congratulations! You’re now all set up!
How can I add users to the Vudoo app?
In the left-hand navigation click “Applications -> Applications”
In the page that loads, click on the “Vudoo connect app”
Click Assignments tab
Click Assign then Assign to people
In the pop up window click the Assign buttons to the people you want to add
Click Done