Integrating Millie SAML with Okta

Integrating Millie SAML with Okta

Summary

If you are an IT person, this document will help you connect Millie’s SAML SSO functionality with your Okta account. For a more general introduction to Millie SSO and provisioning, visit this page.

Initial setup

First, it will help to have a Millie user account with admin privileges. Millie customer support can help you create one, or another user at your company with admin privileges can invite you to Millie and assign privileges to you with the Employees page, found under Settings / Employees in the Millie admin menu.

Once you are an admin, you should be able to view the SSO page, at Settings / SSO:

image

This page shows configuration details that we will update during the setup process. If you cannot find the SSO menu entry, contact Millie customer support and verify that SSO has been enabled for your company.

While you are here, make note of your Company Slug, which is a simplified version of your company name. You will use that value below.

Configure Millie app integration

Millie offers a pre-configured app integration for use with Okta. To install it, open the Okta Admin Console and:

  1. Select Applications / Applications from the menu to view the Applications page:
    2. image
  2. Click Browse App Catalog to view the catalog:
    3. image
  3. There are two search bars in this page. In the bottom search bar, under Browse App Integration Catalog, enter Millie, then select the Millie app. This app install page should appear:
    4. image
  4. Click the Add Integration button on the right to display the Add Millie page:
    5. image
  5. Click Done to install the app. The app settings page should appear:
    6. image
  6. Select the Sign On tab:
    7. image
  7. Click the Edit link;
  8. Copy the company slug you obtained earlier into the Slug Name field, halfway down;
  9. Click Save;
  10. Scroll down and click the View SAML setup instructions button, on the right. The How to Configure SAML 2.0 for Millie page should appear;
  11. This page displays a Metadata URL, which looks something like:
    12. https://SLUG.okta.com/app/XXXXXXXXXXXXXXXX/sso/saml/metadata

    Please email that to tech@milliegiving.com, along with your company name;

  12. Please also send your company's email domains to tech@milliegiving.com.
    13. ℹ️
    Millie uses the employee's email address as a unique SSO identifier, and the domain in that address is used to determine the company (and therefore the IdP) to which the employee belongs. For this reason, Gmail addresses can never be used with Millie SSO.

Test your SSO setup

Millie will use your Metadata URL and email domains to update your account. We will email you when these changes are complete, and you will see them in the Millie SSO page we mentioned earlier. Your SSO should be ready to use at this point! To test your integration:

  • Assign the Millie app integration to one or more users within your IdP;
  • Perform both IdP-initiated and SP-initiated logins.

If you run into trouble, please contact tech@milliegiving.com. We will be happy to help!