Create a seamless and secure log-in experience for all your Listrak platform account users by following the two-part setup process. Begin by following the steps in your company's Identity Provider (IdP) and then in the Listrak Platform.

⚠️ Important information regarding the SSO setup

  • The Account Owner is the only user who has permission to enable this feature.
  • Once the SSO feature is configured, Listrak will deny users access to their account who attempt to log-in using the standard method, except for the account owner.
    For Example:
  • When a new Listrak user is added they will default to the List Manager view with no access to any other features or assigned lists.
  • This is available with any Security Assertion Markup Language (SAML) compatible SSO providers such as Okta, AuthO, Ping Identity and, OneLogin.

Step 1: Identity Provider Setup

The IdP setup needs to be completed before configuring the SSO settings in the Listrak application. The overall setup and the location of the values needed for the Listrak Platform setup may differ within each IdPs setup configuration.

Select your Identity Provider to learn how to configure it for your Listrak integration:

Okta Platform Setup Guide

Ping Identity Platform Setup Guide


Okta Platform Setup

Follow the steps below if you are using the Okta Integration Network platform:

  1. Log into the Okta platform and navigation to Applications.
  2. Click Add Application.
  3. Click Create New App.
  4. Select Web from the Platform dropdown.
  5. Select SAML 2.0 as the Sign on method.
    ▪️ Click Create.
  6. Enter Application Name: Listrak (exact name)
  7. Enter the App’s login page URL: blank (exact name)
  8. Click here to download the Listrak Logo.
  9. Select the settings you want for How will your users sign in?
    ▪️ Click Next.
  10. Enter the following information to configure the SAML Settings:

Single Sign On URL

http://user-auth-api.listrak.com/api/SSOAuthentication/Authenticate?domain=[yourdomain]

Audience URI (SP Entity ID)

Listrak

Default Relay State

Leave blank

Name ID format

Okta username

Application Username

Create and update

Update Application Username On

Signed

Response

Signed

Signature Algorithm

RSA-SHA-256

Digest Algorithm

SHA256

Assertion Encryption

Unencrypted

Enable Single Logout

Unchecked

Authentication Context Class

PasswordProtectedTransport

Honor Force Authentication

Yes

SAML Issuer ID

Leave blank

11. Enter the following Attribute Statements:
▪️ When finished, click Next.

Name

Name format

(optional)

Value

email

Unspecified

user.email

first

Unspecified

user.firstName

last

Unspecified

user.lastName

12. Answer any Okta Feedback questions.
▪️ Click Finish.
13. Click the Sign On tab to access the setup instructions.
14. Click the View Setup Instructions button, a new browser window will open.
▪️ You will need the Identity Provider Single Sign-On URL and the IDP metadata.
▪️ Download the XML file to open it in a text reader such as Notepad (PC) or
Text Edit (MAC).

15. Go to the Listrak application to complete the Listrak Platform setup.


Ping Identity Platform Setup

Follow the steps below if you are using the Ping Identity platform:

  1. Log into the Ping Identity platform and navigation to Connections > Applications.
  2. Click + Add Application.
  3. Click Web App
    ▪️ Choose connection type - SAML.
    ▪️ Click Configure.
  4. Create the application profile by entering the following information:
    ▪️ Enter Application Name: Listrak (exact name)
    ▪️ Enter Description (optional): A brief characterization of the application.
    ▪️ Icon (optional): You can download an icon for use here.
  5. Click Next
  6. Enter the following Metadata to configure your application:

ACS URLs

https://user-auth-api.listrak.com/api/SSOAuthentication/Authenticate?domain=[yourdomain] 

Signing Certificate

Select Sign Assertion

Select the signing algorithm: RSA_SHA256

Encryption

Do not select

Entity ID

Listrak

SLO Endpoint

Leave blank

SLO Response Endpoint (optional)

Leave blank

SLO Binding

HTTP post

Assertion Validity Duration

60 seconds

Target Application URL

Leave blank

Enforce Signed Authn Request

Leave blank

Verification Certificate

None

7. Click Save and Continue.

8. Click + Add Attribute to complete the Attributes Mappings to correctly link your
Ping users with a Listrak user profile.

9. Enter the following attribute pairs:
▪️ When finished, click Save and Close.

Pingone User Attribute

Application Attribute

Required

Username

saml_subject

Check

Email Address

email

Check

Given Name

first

Check

Family Name

last

Check

10. To apply any Policies or Access settings pertinent to your organization:
Click the Edit pencil icon.

11. To enable the Application: Turn the toggle switch on (Green) from the
Applications list.

12. Click on the Configuration tab to download the Metadata file and to copy the
INITIATE SINGLE SIGN-ON URL.

13. Go to the Listrak application to paste in the following:

Listrak Field

Value

Domain

Your users email logon domain

IdP Logon URL

Initiate Single Sign-On URL from Ping Identity

Allowed Audience

Sign Request Algorithm

RSA-SHA-256

IdP Metadata (XML)

XML from the downloaded Metadata file from PingIdentity

14. Click Commit Changes to complete the setup.



Step 2: Listrak Platform Setup

As the account owner, begin by logging into the Listrak platform using the standard log-in process and navigate to Manage > Accounts > Account Settings.

In the Logon Settings section:

  1. Click the Enable Single Sign-On checkbox to turn 'On' the SSO.
    ▪️ Enter the following:
  2. Domain name: Your domain name used in the email address of your users' login.
  3. IdP Logon URL: Provided by your IdP.
  4. Allowed Audience: Listrak (exact name)
  5. Sign Request Algorithm: RSA-SHA-256 (exact value)
  6. IdP Metadata (XML): This file is generated during your IdP setup.
    ▪️ Copy and Paste the entire contents of the downloaded file into this field.

▪️ Click Commit Changes to complete the setup.

⚠️ An alert will display if any of the values are invalid when Commit Changes is clicked.

For Example:


Listrak Logo Download instructions

  1. Click the image to open in another tab.
  2. Right click on the image.
    ▪️ Select Save Image As...
    ▪️ Save the image to your desktop to access it during Okta setup.

Did this answer your question?