product icon

Using Okta with join.me

    How to integrate join.me with Okta.

    Prerequisites

    Before proceeding, you must have a live Okta Identity Provider (IdP) environment.

    A live IdP environment must be configured before implementing federated authentication for join.me. See Okta's Customer Success Center.

    Note: join.me requires SAML 2.0 for Single Sign-On authentication. SAML 1.1 is not supported.

    Step 1 - Configure join.me as a Service Provider

    The Identity Provider must be configured to trust the GoTo Common Login Service (CLS) as a Service Provider. CLS is GoTo's own shared authentication service that provides single login experience for GoTo products, including join.me, on every platform.

    You must add GoTo CLS as an application in Okta to allow a trust relationship to be established between your network and join.me.

    1. Log into your Okta account.
    2. Click Admin in the top-right corner to open the administrative options.
    3. On the Applications tab, click Add Application.
    4. Click Create New App.

      Result: The Create a New Application Integration dialog is displayed.

    5. Select SAML 2.0 and click Create.
    6. Input all data in the App Settings wizard as shown in the table below.
      Field Input or Action
      App Name Enter a unique name for GoTo CLS
      App logo (optional) Upload a logo for the GoTo CLS application (optional)
    7. Click Finish.

      Result:

      The SAML Settings screen is displayed.

    8. Input all data in the (A) SAML Settings wizard as shown in the table below. If not specified, leave the other configuration fields empty.
      Field Input
      Single sign on URL https://accounts.logme.in/federated/saml2.aspx?returnurl=https%3A%2F%2Fwww.join.me%2Ffederated%2Floginsso.aspx
      Note: Leave the Use this for Recipient URL… checkbox selected.
      Audience URI (SP Entity ID) https://join.me/
      Note: Must be unique across all applications.
      Name ID format EmailAddress
      Application username Okta username

    Step 2 - Configure CLS attributes

    A unique identifier attribute must be configured. The identifier represents the shared identifier between the Identity Provider (IdP) and join.me, allowing users to access join.me services.

    Note: The identifier can include any string value.
    1. Add the following attributes under Attribute Statements by clicking Add Another. Leave the Name format option Unspecified.
      Name Value
      Email ${user.email}
      FirstName ${user.firstName}
      LastName ${user.lastName}
    2. Click Next.
    3. Select This is an internal application that we created.
    4. Click Finish.
    Results:

    The Sign On tab is displayed.

    Step 3 - Provide information to join.me

    Once the IdP configuration is complete, you must provide the information listed in this section to your join.me representative.

    Note: If you do not have an account representative, please contact customer support.
    1. On the Sign On screen, click View Setup Instructions.
    2. Download the following pieces of information and send them to your join.me representative.
      Information Instructions
      Certificate Click Download certificate under step 3.
      Note: The X.509 certificate is used to encrypt and sign SAML 2.0 assertions.
      IDP Metadata Save the content under Optional.
      Note: The metadata document describes the endpoint addresses for communication.
    Results:

    The Identity Provider must be configured to trust the GoTo Common Login Service (CLS) as a Service Provider. CLS is GoTo's own shared authentication service that provides single login experience for GoTo products, including join.me, on every platform.