Before you can start setting up Single Sign On (SSO) for Zoho Directory and Okta, we need to check the following:
Log in to your Okta account as an administrator (with administrator access).
Under Applications> Applications, search for the Zoho Directory app in the Okta Integration Network (App Integration Catalog).
Add Zoho Directory app in.
Fill in the Add Zoho Directory options.
Then click on the "Sign On" tab.
Click on "View Setup Instructions".
You will then be sent to View Setup Instructions for Zoho Directory.
In a new browser tab, log in to your Zoho Directory account as an administrator (with administrator access), https://directory.zoho.com.
In Zoho Directory, open your Single Sign-On (SSO) settings.
Zoho Directory> Security> "Custom Authentication" tab.
If you have trouble finding it, you can try this direct link to Custom Authentication, just add in your Zoho Directory name in the URL. https://directory.zoho.com/directory/yourzohodirectorydomainname/adminhome#/security/customauthentication
You should see something like this "Single Sign-On" section on Zoho Directory.
Add in your Okta Single Sign-On settings into Zoho Directory settings and click Save.
In Zoho Directory, click Browse and upload your okta.cert certification file into the "Verification Certificate" section.
You will find your unique link from your "View Setup Instructions" for Zoho Directory from earlier. You will find that it looks something like this: https://oktadomainname.okta.com/admin/org/security/oktasinglesignonlinkid/cert
Make sure you download the .cert file, and give it a name. You can use "okta.cert" if you like.
Click Update.
You will then get a "SAML configuration has been updated successfully" notification once it has been successfully set up in Zoho Directory.
In Okta Admin Console, you will see the details you need to fill in your Zoho Directory "SSO Provider details". (Under "Sign On" tab).
Add in your Zoho Directory Single Sign-On settings into Okta.
You can add the ACS URL from Zoho Directory, and put it in Okta under the "Advanced Sign-on Settings" section (Under "Sign On" tab).
When you are ready, let's test that it works.
In Okta Admin Console, let's assign a user to the application. (Applications> Applications> Zoho Directory app)
Go to "Assignments" tab. (Applications> Applications> Zoho Directory app> "Assignments)
Select "Assign" and "Assign to People".
Select our test user, click "Assign" and then "Done".
Now let's log into our Okta instance as a test user. You may need to refresh your browser if you had the browser window already open.
Then click on "Zoho Directory" application icon (chiclet).
When I click on it, it takes me to Zoho Directory.
Success, you will be logged in successfully to your Zoho Directory account!
If your users see this error message, make sure that:
1. User has been created and added in Zoho Directory. You will find the ability to add users under Zoho Directory> Users> Add User.
2. User has activated their account on Zoho Directory. That is, they have been "invited to join Zoho Directory" and they will need to "Confirm" their new Zoho Directory account and join your Zoho Directory organisation.