SureMDM empowers enterprises to use Single Sign-On (SSO) options to provide Multi-Factor Authentication (MFA). SureMDM supports integration with multiple SSO identity providers, including Microsoft ADFS, OneLogin and Okta.
Multi-Factor Authentication (MFA) in SureMDM
For these instructions, we will assume the user wishes to integrate SureMDM and Okta. The steps for other SSO providers will be similar. For any questions on variations, please email firstname.lastname@example.org.
Part 1: Steps to set up Multi-Factor Authentication in Okta
1. Login to the Okta Server and click Admin.
2. Click Add Applications.
3. Click Create New App.
4. Select SAML 2.0 and click Create.
5. Create a new app and name it SureMDM.
6. Click Next, navigate to SAML Settings, and enter the following details:
- Entity ID:
- Single Sign-On URL:
7. Click Next.
8. Select the first option and click Finish.
9. Click View Setup Instructions.
10. Download the certificate and copy the SAML Metadata from the View Setup instructions link.
11. On the Okta Server, click Security > Multi Factor Authentication > Edit > SMS Authentication > Save.
12. Click the Applications tab and select SureMDM.
13. On the Sign On Policy prompt, click Add Rule.
14. Enter Rule Name and Conditions.
15. On the Factor prompt, select the desired option and click Save.
Part 2: Steps to make changes in the SureMDM Server
1. Login to the SureMDM Web Console.
2. Go to Settings > Account Settings > Enable Single Sign-On and enter the following details from your metadata file:
- SSO type: Select Okta from the SSO Type drop-down list.
- Service Identifier: This value is present in setup instructions tab i.e. Identity provider issuer.
- Sign-On Service URL: This value is present in setup instructions tab i.e. Identity provider Sign-On URL.
- Logout Service URL: Same as sign on URL however change SSO to SLO.
- Roles: Assign a Role (and associated permissions) from the drop-down list.
- Device Group Set: Assign a Device Group Set (and associated permissions) from the drop-down list.
- Jobs/Profiles Folder Set: Assign a Job Folder Set (and associated permissions) from the drop-down list.
3. Click Upload Certificate to upload the certificate file you downloaded in Step 10 of Part 1.
4. Login to Okta and select the app you named SureMDM.
Use the following URL:
You have now successfully enabled SureMDM to use Okta’s Multi-Factor Authentication.
SureMDM supports other SSO identity providers like Microsoft ADFS, OneLogin, and others. Click here to get in touch with one of our team members for more information.