You can configure a custom application in Okta to enable Single Sign-On with Primalogik. To do this you need to have administrator privileges in your Okta account.


Okta Setup


In the Okta admin UI, go to Applications and click the "Create App Integration" button. Select the following options:
  • Sign-in method: OIDC - OpenID Connect
  • Application type: Web Application


On the next screen:


Click Save, then click Edit next to "General Settings" to set the remaining options:
  • LOGIN - Login initiated by: Either Okta or App
  • LOGIN - Application visibility: Select "Display application icon to users"
  • LOGIN - Initiate login URI: Enter the URL below, replacing <oktaSubdomain> by your own Okta subdomain (the part right before ".okta.com" in your Okta URL).


Click Save. It should now look similar to the screenshot below.


Finally, you need to complete the integration in Primalogik itself. To do this, you will need to copy the Client ID and secret from the Client Credentials section of the Okta screen above (first section at the top), so you should leave that page open in a separate browser tab.

Follow these steps to complete the integration:
  • Log in to Primalogik with a user having the Administrator privilege.
  • In the left menu, under "Settings", click "Manage Account".
  • Under "General", click "Integration".
  • Click the Configure button in the Okta section.
  • In the Okta domain field, enter you Okta subdomain. This is the part of the URL that comes before ".okta.com" when you are logged in to Okta.
  • In the Client ID field, enter the value copied from the Client ID field of the Okta application created previously.
  • In the Client secret field, enter the value copied from the Client Secrets field of the Okta application.


Signing in to Primalogik


To sign in to Primalogik through Okta SSO, users have these options:

  • Click on the Primalogik app icon within Okta.
  • Bookmark the "Initiate login URI".
  • Access Primalogik though the links included in emails sent by the Primalogik app.

The third option above is very convenient for end-users. For example, when invited to respond to a Primalogik assessment, users receive an email including a link to Primalogik. That link includes a uuid that will allow them to automatically login through SSO and access the questionnaire page directly.


Even when Okta SSO is enabled, users can still login using a username and password, unless you have selected the option "Do not allow password based login" in the General Settings.