Please note: This website includes an accessibility system. Press Control-F11 to adjust the website to the visually impaired who are using a screen reader; Press Control-F10 to open an accessibility menu.
Support
DescriptionSolution

Migrating from Lenovo ID to Okta Active Directory Single Sign-On (SSO) for the ThinkSmart Manager portal

Migrating from Lenovo ID to Okta Active Directory Single Sign-On (SSO) for the ThinkSmart Manager portal

Migrating from Lenovo ID to Okta Active Directory Single Sign-On (SSO) for the ThinkSmart Manager portal

Description

Describes how to convert authentication from Lenovo ID to Okta Single Sign-On (SSO) for the ThinkSmart Manager portal. 

For more information on ThinkSmart Manager portal, ThinkSmart Manager mobile app, and the ThinkSmart Manager Service (TSMS), visit: ThinkSmart Manager platform.

Solution

Follow these steps described below.

  1. In ThinkSmart Manager (portal.thinksmart.lenovo.com) portal, click user profile image and navigate to Organization Account.
    Note: This option is available only for Owners.
    Organization account
  2. In Organization Account, from Authentication, click Change provider and follow the on-screen instructions.
    Organization Account Change Provider
    Change authentication provider
  3. On Authentication provider, select Okta. then click Next.
    change provider OKTA
  4. Log in to Okta (https://okta.com/login).
    Okta sign in
  5. Proceed to Applications. Click Create App Integration.
    Note:     Create a new App if there is already one app in the list.
    Okta Applications Create App integration
  6. Select the SAML 2.0 sign-on method, and create an application.
    OKTA Create a new app integration
  7. Within Create SAML Integration, on the General Settings step, enter the App name.
    OKTA Create SAML integration
  8. On Configure SAML step, enter the Attribute Statements as shown below. The rest of the required fields can be filled in with random data. For example, Single sign-on URL and Audience URI values will be changed later on. Attribute Statements will be needed to fill one of them in the Additional Info step.
    SAML Setting

    Attribute Statements
  9. Complete the application creation flow.
  10. In SAML Signing Certificates section, from the Actions drop-down, select View IdP metadata. IdP metadata opens in a separate tab in browser.
    OKTA SAML Signing Certificates
  11. Download the page information to your computer. This becomes the IDP Configuration file that is required to change organization authentification type to OKTA.
    Single Sign On Metadata file
  12. To further be able to log in with OKTA, users should be created and assigned to your OKTA app. Also, these users should be added to the Portal. Their emails on the Portal and in OKTA should match.  
  13. To add a user, navigate to Directory - People. Click Add person. Complete all the required fields and click Save.
    OKTA People
  14. In Additional Info window, enter User ID SAML attribute (givenName or email) and upload IDP configuration file.
    Change authenticaion provider OKTA
  15. Check if user emails are correct and update them if needed.
    Set Notifications
  16. Copy the Redirect URL. This is required during OKTA setup process within OKTA (https://okta.com). Then click Close to complete the SSO setup process.
    OKTA redirect URL
  17. Paste Redirect URL, copied from Step 16, into Single Sign-on URL and Audience URI to complete the SSO setup.
    SAML Settings OKTA
    OKTA setup is complete.
Document ID:HT515581
Original Publish Date:08/14/2023
Last Modified Date:02/26/2025
X

Lenovo uses cookies to improve your experience.

Visit our Cookie Consent Tool to manage your preferences, or our Privacy Policy for more information.

Back to Previous Page
X
lenovo

Information We Collect About You

We want to be transparent about the data we and our partners collect and how we use it, so you can best exercise control over your personal data. For more information, please see our Privacy Policy.

Our cookie consent tool offers you greater visibility and control over how your preferences are stored on the site. However, some third party cookies have been temporarily classified as essential, meaning some cookies will drop that are not actually necessary for the functioning of the site. We are working to fix the issue, but you can still block essential cookies through your browser tools.

Information Our Partners Collect

We use the following partners to better improve your overall web browsing experience. They use cookies and other mechanisms to connect you with your social networks and tailor advertising to better match your interests. You can elect to opt-out of this information collection by unticking the boxes below.

Categories
1 of 1 allowed
Essential Required

We rely on cookies, javascript, and other web technologies to serve key—or essential—elements on the site. This may include things like your language preferences or server-based cookies intended to keep our site running and operational. If disabled, your site experience will likely be impacted.

Analytics

We use analytics to improve our website by better understanding how often users visit the site, what pages they visit most, and how long they spend on our site. We'll rely on cookies and third-party partners to track these actions and behaviors. Click on one of the partner names to learn more.

Vendors
Name Required

Website:

In Their Own Words

What data does this company collect?

Data Collected

Anonymous:

Pseudonymous:

PII:

Sensitive:

Data Sharing

Data Retention

Data Use

Data Storage

Adobe