Setting up Single Sign-On with Okta

Files.com supports Single Sign-On with Okta using either SAML or OpenID Connect.

To enable and configure the Okta Single Sign-On (SSO) feature available on Files.com Enterprise and Enterprise Premier plans, you will need three things:

  1. A Files.com plan that supports the Okta SSO feature
  2. Administrator access to your Files.com site
  3. Administrator access to your Okta account

Okta SSO via SAML

Adding Files.com in Okta

After logging in to your Okta account as an administrator, navigate to Applications and click the Add Application button.

Click the Create New App button, and select Web for the platform and SAML 2.0 for the sign on method, and then click the Create button.

In the form, enter Files.com in the Application Name field and click Next.

Complete the form using the following values (leave other fields at their defaults):

Single sign on URL https://app.files.com/saml/consume
Audience URI (SP Entity ID) https://app.files.com/saml/metadata
Default RelayState SUBDOMAIN.files.com

(Replace SUBDOMAIN with your Files.com subdomain).
Name ID format EmailAddress
Application username Email

Then click Next, choose “I’m an Okta customer adding an internal app”, and click Finish.

On the next page, copy the Identity Provider metadata URL by right-clicking (or CTRL-clicking) the link and selecting Copy link address. You will need this URL when adding Okta in Files.com.

Adding Okta in Files.com

After logging in to your Files.com account as an administrator, navigate to Settings > Authentication > SSO Providers, and click the Add provider button. Click to select the Okta provider.

In the Add provider form, select the Use SAML option, and paste the Identity Provider metadata URL you copied from Okta into the Metadata URL for the SAML identity provider field.

Lastly, click the Save button to apply the change.

The Okta SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with Okta button will be displayed on your site’s login page.

Okta SSO via OpenID Connect

Adding Files.com in Okta

After logging in to your Okta account as an administrator, navigate to Applications and click the Add Application button.

Click the Create New App button, and select Web for the platform option and OpenID Connect for the sign on method, and then click the Create button.

In the form, enter Files.com in the Application Name field, and enter the following URL in the Login redirect URIs field:

https://app.files.com/login_from_oauth?provider=okta

Click the Save button to finish adding the application, and scroll down to find the Client Credentials box. Click the clipboard icon next to the Client ID to copy it. Keep this browser tab open, as you’ll be returning here to copy the Client secret later.

Adding Okta in Files.com

After logging in to your Files.com account as an administrator, navigate to Settings > Authentication > SSO Providers, and click the Add provider button. Click to select the Okta provider.

In the Add provider form, enter your Okta subdomain into the Subdomain field, and paste the Client ID you copied in the previous step into the Client ID field.

Back in Okta, click the clipboard icon next to the Client secret to copy it, and paste it into the Client secret field in Files.com

Lastly, click the Save button to apply the change.

The Okta SSO method will now be available when assigning an authentication method for a user in Files.com, and the Sign in with Okta button will be displayed on your site’s login page.