For organisations that require Single Sign-On (SSO), evaluagent can be configured to work with your SAML2 compatible identity provider, such as:

Once your SAML provider is configured, you will have full control over which users must authenticate via SSO and which may continue using password-based login.

Navigation Prompt

Go to SETTINGS > click Security settings > Click the Single sign on tab

By following the navigation prompt, you will see the following screen:

From here, you can choose a Default Authentication Method. The options are:

You will see an option to "Add SSO SAML2 Provider" - Click this button and enter a descriptive name for your Identity Provider (e.g., OneLogin, Azure AD, OKTA). Once you have done that, press the "Create Provider" option and it will now appear in the table.

You will need to configure your SAML settings in OKTA, as shown below, and include the details created on the evaluagent SAML provider configurations screen shown above.

The final step to configure SSO in OKTA is to add the following Attribute into Attribute Statement settings:

As you can see above, there must be an attribute statement with the name email and the value should be user.email. The Name Format should remain unspecified.

This form must be populated with the settings provided by your Identity Provider. Once this is done, you can press 'Update provider' and your SSO provider should be ready to use.

Before switching all users in your organisation to your newly configured SSO provider, we recommend testing that all of the necessary configurations have been carried out correctly by assigning the SSO authentication method to a single user.

Note that only SSO providers that have been fully configured will appear in this list, so if you do not see your new provider, please go back and check that all settings have been entered correctly.

This user should now be able to sign in to evaluagent using your SSO sign-in flow.

Once you are happy that SSO has been configured correctly, you can set it as the default authentication method for your organisation. Navigate back to the Single Sign-On tab on the Security settings page and change the 'Default authentication method' to your new SSO provider. This provider will then be used for new users created in the system, and you will be prompted whether existing users should be assigned this authentication method as well.