This guide is intended to help get Reclaim.ai setup for authentication via Okta and the Reclaim App from the Okta App Catalog.
If you need any additional assistance beyond this guide, please reach your to your Reclaim.ai contact/rep, or support via our website and/or [email protected].
Setup on a Reclaim.ai Team Enterprise Plan
Have your domain enabled/configured for SSO on Reclaim.ai
Your Reclaim.ai Customer SSO Slug
Administrator access to your Okta Account/Dashboard
For 1-3 - work with your Reclaim.ai contact/rep.
Currently only SP-initiated is supported; IdP-initiated SSO is coming soon!
Install the Reclaim App from the Okta App Directory
Login to Okta as an Admin
Applications click the Browse App Catalog.
Search for "Reclaim.ai" and click on the Reclaim.ai App/Logo
From the Reclaim.ai App page click the "Add Integration" Button
Add an Application Label (Suggestion: Reclaim.ai) and click Done
Set the Customer SSO Slug (get this from your Account Manager/Rep or contact [email protected]); this will configure the Login URI which will end up being https://api.app.reclaim.ai/oauth/callback/Customer-SSO-Slug.
Once the App is added, you will have to assign users to the app under the "Assignments" tab. This will enable to users to log into Reclaim.ai app using Okta. To add users, navigate to the Assign to People option under Assign option on Assignments Page. If you already have a group you can choose the Assign to Groups option and assign the entire group.
Provide Okta Client ID and Secret to Reclaim.
The last step is to provide Reclaim with the client id and secret of the application you just created. This is sensitive information so should be provided in a secure manner! Suggestions on how to do so are included below.
We will also need your Okta issuer id, this usually something like <your org>.okta.com.
The Client ID and Secret is available on the “Sign-On” tab for the Reclaim.ai application we just added.
To send us your Client ID and Secret, feel free to use whatever One-time Secret tool/website you usually use, or another secure communication channel of your preference.
Otherwise, we typically use and recommend: https://onetimesecret.com/
Simply copy and enter the Client ID and Secret as separate lines and choose a reasonable expiration and send us the link. If you would like to password protect it please feel free to do so and send us that via a different channel (ie: Slack, Zoom call, etc..).
Once we have the client id and secret we will configure the login on the Reclaim side to redirect to this configuration for your domain.
Log into Reclaim via SSO
After completing all the steps above, simply goto the same Login Page for Reclaim.ai (https://app.reclaim.ai/login) but from now on click the "Login with SSO" link
Enter your email (which should likely match what you use to log in to Okta) and click the "Log in with SSO" button
If you are not already logged into your Okta account, you will be directed to the login page. Fill in your credentials and sign into the account.
You will now be logged into Reclaim.ai and should see the Planner.