How do I set up SSO with Okta Identity Manager for Sunwave?

This article explains how to set up Okta Identity Manager to log into the Sunwave Platform.

1 Sunwave Initial Setup
2 Create the App Integration
- 2.1 Steps in Okta
3 Assign users to the App
4 Providing the information needed by Sunwave
- 4.1 App Embed Link URL
- 4.2 SAML Certificate

For this integration, Sunwave provides the client with:

Callback URL (including the app token ID)
Audience URI

The client provides Sunwave with:

App Embed Link URL (App Login URL)
Certificate

Sunwave Initial Setup

Sunwave defines a unique token app value that represents the client’s realm family.
For example, if the token app value is PALM, the callback URL provided to the client is:
https://emr.sunwavehealth.com/sso/callback/palm

After the client creates the Enterprise Application in Okta, Sunwave creates an SSO registry. The client must provide:

Certificate
App Embed Link URL (App Login URL)
Parent Clinic ID

This enrollment process applies to the entire realm family, so it only needs to be completed once.

Create the App Integration

To create the app, Sunwave provides the following information:

Single Sign-On URL, for example: https://emr.sunwavehealth.com/sso/callback/<app_token>
app_token: Value provided by Sunwave
Audience URI (SP Entity ID), for example: https://emr.sunwavehealth.com

Steps in Okta

Sign in to your Okta account.

Go to Applications:

Selecting the Application sub menu in the Okta dashboard

Click on the Create App Integration.

choosing create a integration in the application page of Okta

Select SAML 2.0, then click on Next.

Choosing Samo 2.0 in the new App Integration section of Okta

“Enter a name for the app (for example, Sunwave Sign In). You may choose whether to display the logo. Click Next

Choosing a name for the SAML integration in Okta

On the Configure SAML screen, complete the following fields and leave the others at their default values:
- Single Sign-On URL: https://emr.sunwavehealth.com/sso/callback/<app_token>
- app_token: Value provided by Sunwave
- Audience URI (SP Entity ID): https://emr.sunwavehealth.com
- Click Next.

Configuring the SAML integration in Okta including a spot for the Single Sign On URL and the Audience URI (SP entity ID)

For feedback, select I’m an Okta customer adding an internal app, complete the form as needed, then click Finish.

Selecting I'm an Octa customer adding an internal app and finishing the SAML setup

Assign users to the App

In Okta, go to Applications and open your app.

Selecting the app you just created in Okta

On the Assignments tab, use the Assign box to select the users who should have to access the app.

Using the Assignments tab within the applicaion to select the users who will be allowed to use the single sign on to access Sunwave

Providing the information needed by Sunwave

Provide the following information needs to be provided to Sunwave.

App Embed Link URL
SAML Certificate

App Embed Link URL

Open the App and click on the General tab.

Going to the General tab within Applications in Okta

Scroll down to the App Embed Link section. Copy the URL.

Finding the embed link section of the general tab in the application

SAML Certificate

Open the App and click on the Sign On tab.

Going to the Sign on tab in the application

Scroll down to the SAML Signing Certificates section. Select the row with Active status, and click Actions, and choose Download Certificate.

Downloading the active SAML signing certificate in the application