Okta SSO

steps to obtain metadata from okta log in to okta admin console go to the okta admin panel and select the application you’re integrating download metadata look for an option to download the saml metadata xml file this file contains all the necessary details you’ll need to fill out in your software extract information open the metadata file in a text editor and locate the required fields as outlined above once you’ve filled out all these details in your software, you should be able to connect the application to okta via saml be sure to test the connection to verify that authentication is working correctly follow the below step by step okta walk through and you'll be ready in no time 🚀! step 1 | logged in to okta login to okta admin setup login will look something like the following https // \<company admin> okta com/admin/apps/active step 2 | application go to " application " navigation link listed on website's left step 3 | select your application select your application (in this case, i have chosen my application " clearsquare portal ") \[step 3] | choose application step 4 | general tab \[ step 4 ] |general tab step 5 | saml settings edit scroll down to the " saml settings " section and click the " edit " button the blurred out value is your server's api endpoint this will be exactly the same as your admin portal's url example admin analytics yoursubdomain com \[step 5] saml settings edit button step 6 | edit saml integration basic setup you will be redirected to the " edit saml integration " section enter an " app name " upload an image for the " app logo " if you have one then click on the " next " button \[step 5] edit saml integration basic setup step 7 configure single sign on url & audience uri (sp entity id) you will have been navigated to the " configure saml " tab here we will add a single sign on url and uri (sp entity id) if the " use this for recipient url and destination url " is not checked then make sure to select the box ✅ before continuing examples single sign on url https //admin analytics yoursubdomain com/api/saml audience uri (sp entity id) https //admin analytics yoursubdomain com default relaystate value should be blank see step 8 image name id format unspecified application username okta username update application username on create and update step 8 | edit advanced settings at the bottom of the screen you will see the " show advanced settings " click that link to set up logout capabilities \[step 8] edit advanced settings step 9 | enable single logout signature certificate and enable single logout (optional) (optional) upload “ signature certificate ” file (if required) see see logout setup video 👉 \[coming soon] “ enable single logout ” by clicking on “ allow application to initiate single logout ” see see logout setup video 👉 \[coming soon] for more details single logout url https //admin analytics yoursubdomain com/api/logout/callback sp issuer https //admin analytics yoursubdomain com \[step 9] sso setup okta setting saml attribute statements (optional) (optional) this will allow for jit provisioning of users to workspaces, groups, pages and any user attribute based filters based on what is provisioned in sso go to " edit saml integration " > " saml settings " > " attribute statements " (optional) (optional) name (clearsquare) name format (optional) value (okta) user firstname unspecified user firstname user lastname unspecified user lastname user email unspecified user email user username unspecified user login user workspace user workspace unspecified unspecified user company id user company id user group user group unspecified unspecified user role id user role id step 10 | complete saml editing after that scroll down and click on " next " button you're all set here now click the " finish " button \[step 10] complete saml editing \[step 10] complete saml editing step 11 | sso setup okta the next step places you on the " sign on " tab click the " copy " to place the metadata url value on your clipboard \[step 11] sso setup okta step 12 | configure & verify sso settings in the admin portal go to sso add section of the admin portal example link https //admin analytics yoursubdomain com/sso/add \[step 12] configure & verify sso settings in the admin portal