This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
Reference
More than 30 IDM realisations in the Czech Republic and abroad
Migration from OneLogin to Okta for Emplifi
Emplifi
The move from OneLogin to Okta was driven by the need for a more integrated solution that matches Emplifi’s expectations for SSO capabilities.
Below is a step-by-step summary from the initial selection of Okta to the final shutdown of the OneLogin instance.
Solution description
1. Selection of Okta as SSO provider
The migration process began with an evaluation of various SSO tools to replace OneLogin. Okta emerged as the best fit candidate based on a proof of concept (PoC) that showed its alignment with Emplifi’s organizational needs for SSO functionality.
Steps:
- Conduct initial market research on SSO providers.
- Conduct a PoC with Okta to assess compatibility and features.
- Evaluate PoC results and select Okta based on performance and feature set.
2. Purchase and setup of Okta
After selecting Okta, the next step was to purchase the necessary licenses and setup Emplifi tenant Okta.
Steps:
- Communicating with the Okta vendor and third party provider AMI and discussing licensing options.
- Purchase the required Okta license through AMI.
- Okta tenant setup including initial configuration and integration settings.
3. Communication and preparation
Communication with application administrators and end users was key to ensuring a smooth transition.
Communication platform used:
- Slack direct messaging to communicate with application admins.
- Slack channels dedicated to this migration.
- Global email communication.
Steps:
- Inform application administrators of the migration plan and timeline.
- Communicate with end users to ensure they are prepared for the upcoming changes.
- Collaborate with application teams to ensure readiness for migration from OneLogin to Okta.
4. Changing the Source of Truth
An important aspect of the migration was changing the source of truth for user creation from a manual LDAP-driven process in OneLogin to an automated HR-driven process using BambooHR.
Steps:
- Set up the integration between Okta and BambooHR.
- Configure automated user creation and removal based on HR data.
- Test and validate the integration to ensure accurate synchronization of user data.
5. Migrating SAML 2.0 applications
The migration of applications to Okta was carried out gradually over a period of three months.
Steps:
- Identify and prioritize SAML 2.0 applications for migration.
- Migrate applications individually, adjusting configurations as needed.
- Maintain active communication with end users and administrators throughout the process to manage expectations and resolve any issues.
6. End user training and support
Educating end-users on how to use Okta was key to the adoption and effective use of the new system.
Steps:
- Develop educational materials focused on account registration, use of 2FA, and general use of Okta.
- Conduct training sessions and distribute materials to end users.
- Provide ongoing support and resources to assist users during the transition period.
7. Switching off OneLogin
The last step in the migration process was to shut down the OneLogin instance.
Steps:
- Ensure that all applications and users are fully functional on Okta.
- Perform a thorough audit to confirm that there are no critical dependencies remaining on OneLogin.
- Officially shut down the OneLogin instance.
The conclusion of the migration from OneLogin to Okta involved careful planning, clear communication and ongoing support to ensure a successful transition.