Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Okta - SSO feature to access RCP

            Okta is a customizable, secure drop-in solution to add authentication and authorization services to your applications. The automatic solution has both identity and access management capabilities and is template-based, which makes it simple to use once configured.

            Customer on-boarding

            Currently, only one reseller (Shopify) is utilizing Okta SSO, and we’re not actively onboarding new resellers. However, if a large reseller requests SSO or Okta, if warranted, PDM can be engaged by referencing the ticket number, reseller name, and the total number of users/domains to review eligibility. 

            User provisioning

            New users accessing the RCP using Okta SSO for the first time will automatically have a new user account provisioned in the RSP's user list with a default permission profile. New users may need to manually request an admin user modify their permission profile via the RCP.

            Back to top

            Triaging questions

            If a customer contacts support encountering errors accessing the RCP via Okta SSO, please ask the following questions to escalate to T2 support:

            • Is this for a specific user only, or are all users signing in with Okta? What is the username(s) affected?
            • Does signing in directly from manage.opensrs.com work?
            • What kind of error message are they receiving?

            Typically the workaround, while we investigate, is to sign in directly to the RCP with their credentials from manage.opensrs.com - if it works.

            Potential login issues

            Okta is provided with web pages where our customers might land in case the single-sign-on (SSO) flow fails. The flow involves many components and steps transparent to customers; however, all of these must be fulfilled to ensure a successful outcome. The reason for the potential failures ranges from (IT) customer-side misconfigurations and misuses up to Tucows internal services malfunctions. The following are error web page screenshots and a description under what conditions they might appear.

            Not found

            Not found page might appear if:

            1. The customer misconfigured the URL in their Okta provider account (OKTA).

            2. This misconfiguration results in the URL service id not being recognized (https://sso.tucows.com/sso/pub/login/XxXXxxxXXxXx).

             

            Not_found.JPG

            Unexpected error

            The page might appear due to a failure within our auth service. The customer is expected to provide "reqID," which will help developers to identify the issue.

             

            Not_found.JPG

            Too many requests

            The customer might be rate limited if the threshold for the allowed number of requests per source IP is exceeded. This should never happen, as customers have no reason to use SSO that frequently. However, the protection is implemented to avoid internal service impact in case the public endpoint is abused (DDoS). 

            too_many_requests.JPG

            Back to top

            Was this article helpful? If not please submit a request here

            How helpful was this article?