What You'll Need To Do
There are 3 main steps you’ll need to follow to complete the deployment. Total time is usually under 30 minutes.
Add the TWOSENSE SAML 2.0 IdP.
Exchange SAML 2.0 certificates.
Deploy the TWOSENSE browser extension.
An Okta Org. If you don't already have one, you can get a free account at https://developer.okta.com/
An Enterprise account with TWOSENSE. Please contact us to obtain a 30-day trial if you don’t have one already.
A SAML 2.0 IdP certificate provided by your TWSOENSE rep.
Log in to your Okta instance with an administrator account in the “Classic Management UI” theme.
From the Admin Console, hover over Security and then select Identity Providers.
Click Add Identity Provider -> Add SAML 2.0 IdP
In the Add an Identity Provider dialog box, define the following:
Name — “TWOSENSE.AI”
IdP Usage — SSO only
IdP Username — idpuser.subjectNameId
Change If no match is found to Redirect to Okta sign-in page
IdP Issuer URI — https://idp.twosense.ai/metadata/
IdP Single Sign-On URL — https://idp.twosense.ai/sso/post/
IdP Signature Certificate — upload the public.cert file [provided by your SE]
Click Add Identity Provider
Now reconfigure the IdP you just created. Select the Configure dropdown next to the new TWOSENSE IdP and select Configure Identity Provider
Change IdP Usage to Factor only
Click Update Identity Provider
Download SAML metadata
Click the expand button next to TWOSENSE.AI
Click Download metadata
Provide the metadata.xml to your SE
Enable the TWOSENSE.AI IdP factor
From the Admin Console, select Security from the main menu and then Multifactor
On the Factor Types tab, select IdP Factor from the left navigation
Click the Inactive drop-down box, and then select Activate
Select TWOSENSE.AI from the IdP dropdown
You can now add TWOSENSE.AI (IdP Factor) to your Sign-on policies. If you do not have the agent deployed, users will continue to be MFA’d according to your pre-existing policies. Once the agent is deployed, TWOSENSE will begin to respond to MFA challenges on your users’ behalf. Don’t forget to provide your metadata.xml from above to your TWOSENSE representative.
Browser Extension Deployment
Depending on which tier you purchased, TWOSENSE can be rolled out by adding a browser extension from the app store of your browser(s) of choice to your company browser policy. You will be provided with an app-store published link for that purpose, please speak to your SE for details.