Verkada Command can integrate with Okta using Security Assertion Markup Language (SAML).
SAML handles the authentication process, allowing Okta to be used to manage access to Command, the same as any other Software as a Service (SaaS) application already integrated into your Okta tenant. This means Command can be incorporated into your existing identity framework and be access-controlled based on your current policies in place.
Before you begin
For a successful integration, choose the best path for your region:
For US orgs, you will use an existing Verkada application following steps directly below.
Configuration
In Okta, select the Sign On tab for the Verkada app, and click Edit.
Scroll down to Advanced Sign-On Settings and enter the Client ID from your Command account.
Select Save.
Scroll further down to SAML Signing Certificates and click Generate new certificate, if a new certificate does not exist.
To the right of the certificate, select the Actions dropdown and click View IdP metadata
Right click on the metadata and select save as and download as XML file type.
After downloading the XML file, you need to upload it to Command.
In the Verify Metadata section, click Run Login Test.
Troubleshooting
Updating usernames (emails) does not automatically take effect in Command. If you need to change a username, un-assign the user from the SAML app, then re-add the user to the app for the change to take effect.
If a new user cannot log in via SSO, it could be because the email domain is not being added to the SSO configuration in the Verkada backend. If the user's email is outside of the email domains provided when SSO was set up, this causes the user to be unable to use SSO. If this is the cause of the problem, you need to edit the SSO configuration and add this domain to remedy the issue.
If you experience any other problems with setting up SSO, contact Verkada Support.
Need more help? Contact Verkada Support.