SSO with Okta as IdP

Okta is an identity management platform that can be configured to provide Single Sign-On (SSO) functionality for your organisation’s customer portal. With this configuration, users can seamlessly access Okta and Zoho Billing’s customer portal using a single set of login credentials.

Let’s explore how you can set up the SSO between Zoho Billing and Okta.

Create SAML 2.0 App Integration in Okta

SAML 2.0 is an XML-based open standard for Single Sign-On (SSO) that is supported in Zoho Billing. It allows secure authentication and seamless login across multiple applications using a single set of credentials.

Here’s how you can create a SAML App integration:

Log in to your Okta account with admin privileges.
In the Admin Console section, navigate to Applications.
Click Applications and select Create App Integration.
In the popup, select the SAML 2.0 option and click Next.

You can then set up the SAML app integration in Okta using the following steps:

Configure General Settings for the SAML App

You can start configuring the general settings for your SAML app in Okta by providing key information such as the app name, logo, and unique identifiers.

To configure your SAML application:

Go to the General Settings page, provide an App name for the application. For example, Zoho Billing SSO.
Insight: The App name is a label to help you and your users recognize the application in your identity provider’s dashboard, in this case, Okta.
If required, upload the app’s logo.
Check the App visibility box to hide the app’s logo from other users in Okta.
Click Next to continue.

Configure SAML Settings

In the SAML Settings page, you will configure the application’s SAML parameters such as Single Sign-on URL, Recipient URL, Destination URL, Name ID format and more to set up SSO for your application and Okta.

Prerequisite: ACS URL and Relay State URL from Zoho Billing is required to configure SAML settings in Okta. For this, go to Settings > Customer Portal > General > Portal SSO. If the URLs are not available, reach out to us at support@zohobilling.com for further assistance.

Insight: The ACS URL directs Okta to deliver the authentication response to Zoho Billing, ensuring a secure SSO login.

In the SAML Settings page, configure the following:

Field	Action
Single sign-on URL	Paste the ACS URL provided by Zoho Billing, Okta will deliver the SAML responses after a user signs in to this URL.
Use this for Recipient URL and Destination URL checkbox	Check the Use this for Recipient URL and Destination URL checkbox as this configuration requires the Recipient and Destination URLs to be the same as the Single sign-on URL.
Audience URI (SP Entity ID)	Paste the Portal URL provided by Zoho Billing to set the SAML assertion path.
Default RelayState	Paste the Relay State URL from Zoho Billing in this field.
Name ID format	Select Email Address from the dropdown.This allows users to be identified using email addresses while using the SSO to sign in.
Application username	Select Okta username as your application username from the dropdown.

The other fields can be configured with the default selection, as they are already set to values that are compatible with Zoho Billing.
Click Next.

Complete Feedback

You must complete the feedback section to ensure that the SAML app integration is fully configured and secure.

To complete the setup of your SAML application:

On the Feedback page, check the This is an internal app that we have created option. This indicates that the app is custom and internal to your organization.
Insight: Okta treats internal apps differently from public apps. Marking it as internal ensures that only users in your organization can access it safely.
Click Finish to complete the SSO configuration in Okta.

Okta configuration for the SSO will be completed. You can now integrate the application with Zoho Billing.

Configure Portal SSO in Zoho Billing

You can then configure SSO between Okta and Zoho Billing to let users securely log in to Zoho Billing using their Okta credentials.

To configure the SSO portal in Zoho Billing:

Log in to your Zoho Billing organisation.
Go to Settings on the top right corner of the page.
Click General under Customer Portal.
Click Configure to set up the Single Sign On for your organisation’s customer portal.
Now, go to your application in Okta.
Go to the Sign On tab in the application that you’ve created.
Click More details under the SAML 2.0 section.
Copy the Sign on URL and paste it in the Login URL field in Zoho Billing.
Copy the Sign out URL and paste it in the Logout URL field in Zoho Billing.
Copy the Sign on URL and paste it in the Reset Password URL field in Zoho Billing.
You must paste the Signing Certificate in the Public Key field in Zoho Billing. There are two ways you can do this:
- Copy Signing Certificate and paste the file into the Public Key field in Zoho Billing with the begin and end certificate. You must copy and paste “—–BEGIN CERTIFICATE—–” before the Signing certificate and “—–END CERTIFICATE—–” after the Signing certificate.
- Or, download the certificate from SAML Signing Certificates section in the Sign On tab and open it using any text editor from your local device. This will contain the public key with the begin and end certificate. You can copy and paste it in Zoho Billing.
Warning: If you do not include the begin and end certificate, the SSO setup will be invalid.
Click Save.

The SSO will be configured for Zoho Billing and Okta. Now when your customers log in to their Okta account, they will be signed in to the customer portal with single sign-on.

Was this document helpful?

Yes