Select Page

Configuring Okta SAML

Welcome Forums Integrations Configuring Okta SAML

Viewing 1 post (of 1 total)
  • Author
    Posts
  • June 17, 2022 at 9:23 pm #3317
    Charles HerringCharles Herring
    Keymaster

    How to Configure Okta Single Sign-On Integration with SAML

    1. Log in to your Okta account and navigate to the Admin dashboard.
    2. From the main menu, go to Applications > Add Application > Create New App.
    3. In the Create a New Application Integration dialog, configure the connection details:
      • From the Platform section, select Web.
      • From the Sign on method section, select SAML 2.0.
      • Select Create.
    1. From the Create SAML Integration window, enter a name to the App name field.

    1. Log in to WitFoo Preecinct and go to Admin -> Settings -> SAML (left bar).
      • Copy the URL from the SAML 2.0 Service URL field.
      • Then in Okta, paste the URL into the Single sign on URL field.
      • In Precinct’s window, copy the URL from the Identifier field.
      • In Okta paste the URL into the Audience URI (SP Entity ID) field.
    1. In Okta, select Next. The Feedback tab is displayed.
    2. Select Finish, and ensure that you assign your users.
    3. Navigate to the Applications window and select the Sign On tab.
    4. Select Assignments if you want to assign either a User or Groups.

    1. Select Assign, then Assign to People or Assign to Groups.
    2. In the Sign On tab, select View Setup Instructions.

    1. Save the Okta public certificate to a WitFoo Appliance or another Linux host as “okta.crt” and run the following command to generate the Certificate Thumprint:
      • openssl x509 -noout -fingerprint -in “okta.crt”
      • Save the resulting thumbprint for use in the following step
    2. In the window that is displayed:
      • In Okta, Copy the URL from the Identity Provider Issuer field.
      • In Precinct, paste into IdP entity.
      • In Okta, copy the URL from the Identity Provider Single Sign-On URL field.
      • In Precinct, paste it into IDP Login URL Endpoint
      • Copy the content from the X.509 Certificate field.
      • In Precinct, paste it into Precinct (SP) Public x509 Certificate (Optional)
      • In Precinct, paste the X.509 Certificate Thumbprint that was created in sep 13
      • In Precinct, hit the Submit button at the bottom of the page.
    3. In Precinct, under Admin -> Users assign any users to SAML authentication that should use Okto to authenticate.
  • Author
    Posts
Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.