Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Once your Admin account is ready,

  1. Navigate to “Applications” from the sidebar menu

  2. Select the “Create App Integration” button

    Image Modified

  3. On the select the “SAML 2.0” option

    Image Modified

  4. Choose a name for your app and select the “Next” button

    Image Modified

  5. Open the External Share global settings and navigate to the “SSO Configuration” tab on a separate page

  6. Copy the data from External Share SSO configuration and paste it into the Okta Configure SAML step

    1. Required value “Single sign on URL“ can be found on External Share SSO configuration as “Assertion Consumer URL“

    2. Required value “Audience URI (SP Entity ID)“ can be found on External Share SSO configuration as “Issuer ID“

    3. Required value “Default RelayState“ can be found on External Share SSO configuration as “Default RelayState“

      Image Modified

  7. Click on the “Application username” dropdown menu and select the “Email” option

    Image Modified

  8. Scroll down to the “Attribute statements” section

  9. Create 3 attributes

    1. Name: givenname - Value: user.firstName

    2. Name: surname - Value: user.lastName

    3. Name: emailaddress- Value: user.email

  10. Scroll down and select the “Next button”

  11. Provide your feedback and select “Finish”

SAML setup

Select the application you created and click on the “Sign on” tab, scroll down and you will see a section called “SAML Signing Certificates”, at the right side of this section there is a button called “View SAML setup instructions”.

  1. Click on the “View SAML setup instructions” button

  2. Copy the value from the first step “Identity Provider Single Sign-On URL” and paste it into the “Login URL” field on the External Share SSO configuration tab.

  3. Copy the value from the second step “Identity Provider Issuer” and paste it into the “Identifier” field on the External Share SSO configuration tab.

  4. Copy the value from the third step “X.509 Certificate” and paste it into the “Certificate” field on the External Share SSO configuration tab.

  5. Save

Info

There are no users assigned at this stage.

Assign users

  1. On Okta, navigate to the “Directory” tab

  2. Select the “People” sub-tab

  3. Add a user and assign them to the application

Note

Configuring SSO does NOT automatically limit users share access to SSO, you must first Require Corporate SSO loginwhen accessing shares.

If you wish to ensure the identity of external users is checked with your identity provider when accessing shares, you must require this option in the security tab in External Share.