How to set up okta

Okta Configuration

Step 1: Select Your Org from the dropdown menu

Log in to Okta and click on your username to open a dropdown navigation menu and select Your Org

Step 2: Select Admin

Select the Admin button located in the upper right of the Okta website

Step 3: Select Add Applications

Add Applications can be found on the Shortcuts menu located on the right-hand side of the page.

Step 4: Select Create New App

You will need to create your own application. To do so select the green button Create New App.

Step 5: Select sign on method

Select SAML 2.0 as your sign on method, and then select Create.

Step 6: Name your app

Give an appropriate name to your app. The rest of the options on this screen are not mandatory. Select Next when done.

Step 7: URL and URI

Your Single sign on URL is your digital workplace domain with /saml.digest appended. For example https://dune.igloocommunities.com/saml.digest. Make sure the option “Use this for Recipients URL and Destination URL” is selected. Similarly, Audience URI is just your workplace domain.

Step 8: Attribute statements

The following three Attribute Statements should be added:

• FName - Unspecified - user.firstName
• LName - Unspecified - user.lastName
• Email - Unspecified - user.email
  

Step 9: Group attributes

Leave Group Attributes Statements blank.

Step 10: Next

Select Next to proceed to the next part of setup.

Step 11: Customer or partner

Select, I’m an okta customer adding an internal app. The rest of the form can be left blank. Select Finish when done.

Step 12: View setup instructions

After completing Step 11 you will be brought to the Sign On tab of the app. Select View Setup Instructions.

Step 13: Info for your workplace

Make note of your Identity Provider Single Sign-On URL, and X.509 Certificate.

Step 14: Add a user to your app

Navigate to the People tab of your app and select Assign to People.

Step 15: Select people

Assign those who you want to have access to your app and then select Done.

Workplace Configuration

Step 16: Access your sign in settings

From your Control Panel, select Sign in Settings located underneath the Membership heading.

Step 17: Select configure SAML Authentication

At the bottom of the Sign in Settings options there is a link Configure SAML Authentication, select it.

Step 18: General configuration

Copy the Identity Provider Single Sign-On URL from Step 13 into the field IdP Login URL. Then copy the X.509 Certificate from Step 13 to the Public Certificate field of the General Configuration.

Step 19: Response and Authentication Configuration

Ensure that your settings for this section matches those in the image below. The attribute statements are:

• Email /samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[@Name=”Email”]/saml:AttributeValue
• First Name /samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[@Name=”FName”]/saml:AttributeValue

• Last Name /samlp:Response/saml:Assertion/saml:AttributeStatement/saml:Attribute[@Name=”LName”]/saml:AttributeValue

  

Step 20: Other settings

Ensure that your remaining settings are configured as desired. Details can be found here.