Plans 💳 : Unlimited+
User Permissions 👥: Admins
For legacy plans, please refer to the article here.
Adding new users to Timely and managing their access has never been easier with our newest single sign-on integration, Okta!
Note: You must be an admin user in both Okta and Timely to set up this integration.
First, log into your Okta admin account and click on the Applications dropdown in the left-hand sidebar. You should see an Applications option, click that and then click the "Create app integration" button along the top.
Make sure you select the SAML 2.0 option as the "Sign-on method" and then click "Next".
Enter in and select the various options under the General Settings tab as you'd like and then click "Next".
Enter in the following attributes under SAML Settings:
Single sign on URL: https://auth.memory.ai/users/saml/auth
Audience URI: https://auth.memory.ai/
Default RelayState: https://auth.memory.ai/
Name ID format: Unspecified
Application Username: Email
Scroll down and enter in and set the following attributes under Attribute Statements:
Note: You will need to click the "Add Another" button after each line to create a new attribute. "employeeNumber" should be any unique identifier attribute for each user on your end. As an example, we have set it to "user.login" attribute.
Once you've entered in all your Attribute Statements, scroll down to the very bottom and click the "Next" button to finalize this new SSO app.
Phew! The heavy lifting is over, just a few more clicks to get things in place.
Now you'll need to access that newly created SSO app in Okta. Go ahead and click the Applications drop-down from the sidebar again then click Applications. Click your new SSO app and then the "Sign on" header along the top.
Scroll down to the very bottom and click the "View SAML setup instructions" button".
A new tab should open up with configuration information that you'll need to share with Timely. You'll want to copy the full text from the "Identity Provider Single Sign-On URL" and "Identity Provider Issuer" fields.
Finally, click the "Download certificate" button at the very bottom. This will create an "Okta.cert" file in your downloads folder.
You are all set! You'll just need to contact the Support Team here at Timely by emailing us at email@example.com to finalize that integration.
In that email, please be sure to include the following information:
The full text of the "Identity Provider Single Sign-On URL" field, the full text of the "Identity Provider Issuer" field, and the "okta.cert" file downloaded from the last step.
We'll also need a list of the email domains in use by your organization such as "@organization.com" or "@companyname.org".
We'll circle back to let you know once everything has been confirmed and enabled on our end!