Integrating OKTA with Axis LMS
To begin integrating your Axis LMS into OKTA, you will need to already have an admin account with OKTA.
While logged in as an OKTA administrator, you will next need to create the application for your specific Axis System. To do that, go to Application, and Create a New App.
When prompted, select "Web" from the Platform dropdown, and click the "Secure Web Authentication (SWA)" toggle option.
After you proceed to the next screen, you will be asked for some generic information about your new application. The fields you need to be concerned wither integration are the App's login page URL, and the Authorization token.
When filling out the login URL, there are 3 variable pieces of information:
In the example below, our system name is 'www.keystoneauto.net' - but this can obviously vary from one Axis system to another
- Your system name
- an optional create parameter
- An Authorization token
The create parameter allows users accessing your Axis LMS via OKTA to be created as user in your LMS. If this parameter is missing, unless the user already exists, they will be unable to login until an Axis user is create for them.
The auth parameter (Authorization token) is set by your Atrixware account rep. If you’re interested in integrating OKTA with your Axis LMS, just let your Account rep know so they can give you your unique Authorization token.
After finishing with the App settings, the last step is to dictate how users will be be created in Axis LMS (if that parameter is enabled above).
There are three different options that work best with Axis LMS, but which is best for you will depend on your business practices:
For all of these options, the best practice is to make sure your users are only being enrolled into the system via OKTA. This will reduce the chance of there already being a user with the same username in the Axis LMS system.
- Administrator sets username and password
- Administrator sets username, user sets password
- Administrator sets username, password is the same as user’s OKTA password
For options #1 and #3, it’s important to make sure your users cannot change their Axis LMS password, as this could create a mis-alignment between OKTA’s passwords, and the user’s Axis LMS password.
Option #1 does allow the administrator to update a user’s OKTA password if the user does change the LMS password.
If you’d like your users to be able to change their Axis LMS password, option #2 allows the user to update their OKTA password independently of the LMS so that if one is changed, the user can update the other piece of software so the two remain in sync.
After you've completed adding your Axis LMS as an application and assigned users to the application, your OKTA users can begin utilizing the OKTA Sign-On.
To read more about OKTA, check out the OKTA FAQ here
Article ID: 186
Created On: Tue, Feb 6, 2018 at 3:03 PM
Last Updated On: Thu, Feb 21, 2019 at 2:30 PM
Online URL: https://www.atrixware.com/kb/article/integrating-okta-with-axis-lms-186.html