This article outlines how to configure your account to authenticate via a SAML provider such as Okta.
You must first have a Great Question account created with an Enterprise plan.
Note: Work is still happening to have Great Question listed in the Okta Catalog and published to the OIN. For the time being the application will have to be created manually.
Step 1: Register application in Okta
Create application in Okta
In Okta, navigate to the Applications tab and click Applications.
Click Add application > Create new app.
In the dialog, select SAML 2.0 as the sign on method.
Okta Application Settings
In the General Settings, enter the application name (Great Question) and add an optional logo.
On the SAML Settings page:
Add the following URL for the Single sign on URL: https://greatquestion.co/users/saml/auth
Add the following URL for the Audience URI:
For Name ID format, select EmailAddress
For Application username, select Email
Step 2: Setting up application in Great Question
Obtain credentials for Great Question from Okta
Once the application is created, complete the following steps:
From the Great Question application in Okta, click Sign on.
From here, click View Setup Instructions.
These are the credentials you need:
Add credentials to Great Question
From your account on greatquestion.co:
Navigate to Company Profile in Account
In the authentication form:
toggle on SAML Authentication
add "Identity Provider Single Sign-On URL" to Idp sso target url
Add "Identity Provider Issuer" to Idp entity
Add "X.509 Certificate:" to Idp cert
Click Update Account
SAML is now set up on your Great Question account
Step 3: Signing in via SAML
Any user with access to Great Question in your Okta will automatically be able to sign in from their Okta profile. By default they will be provisioned with a free observer account
Users that already have accounts on Great Question can connect Okta and sign in via https://greatquestion.co/sso