- Create a new application: Go to Okta applications
- Click Create new app integration
- Choose SAML 2.0 and click Next
- Enter App name: eCompliance and click Next
- Setup Okta App
  - SAML Sign-on URL: Follow Step 4 and 5 to get this value
  - Audience URL: https://my.ecompliance.com
  - Name ID Format: EmailAddress
  - Application Username: Email
  - Response: Signed
  - Assertion Signature: Signed
  - Signature Algorithm: RSA-SHA256
  - Digest Algorithm: SHA256
- Go to eCompliance settings -> SSO Settings, check Yes, I want to enable Single Sign On, and enter the following temporary values:
  - Certificate Fingerprint: TEST
  - SAML SSO URL: TEST
  - Click Save
  - ACS URL will be generated so copy that
- Go back to Okta and paste the ACS URL in the Single Sign-On field
- Set Authentication context class to X.509 Certificate
- Click Next
- Select the option I'm an Okta customer adding an internal app then click Finish
- Assigning Users: Go to the created app
- Add users or groups. This example uses Assign to People
- Select People and click Assign > Save > Done
- Alternatively, you can use Groups
- Now go to the Sign On tab and click View SAML Setup Instructions
- Copy the Identity Provider Single Sign-On URL from field #1 and paste it into the SAML SSO URL in eCompliance
- Copy the X.509 Certificate and go to the Calculate Fingerprint page on OneLogin Developers
- Paste the certificate and click Calculate Fingerprint
- Copy the generated fingerprint
- Paste it into Certificate Fingerprint in eCompliance SSO Settings
- Save the final settings in eCompliance
- Go to Okta application > General > Copy the URL from the embed link section
- Paste this URL into a new browser tab (for test purposes). eCompliance will authenticate the user via Okta and sign the user in to eCompliance if a profile with the given email is present in eCompliance.
NOTE:
- When setting up SSO for your localhost, the config behaves a bit differently: it needs to be set up with http:// instead of https://
- Also, by default, only Mobile SSO is enabled for an organization. You need to go to Administrator > Settings > Accounts > (Your Site) > Enable SSO and check to see these options in your eC Org.
Sample Config for localhost: [screenshots: Okta, eCompliance]