Skip to main content

 

Eptura Knowledge Center

Okta SSO configuration

SSO and Condeco 


Configure Okta SSO for Condeco

Required: Admin permissions to your Okta organization’s account.

  1. Sign in to Okta with your admin account and open the Okta admin interface.
  1. Select Applications from the Applications menu on the left then click Create App Integration.

okta-206-sso.png
Okta admin portal

  1. Select SAML 2.0 on the Create a new app integration pop-up and click Next.

okta-sso-02.png
Create a new app integration - SAML 2.0

The SAML Integration page is displayed.

  1. Enter a name for your app in 1. General Settings and click Next.

okta-sso-03.png
SAML integration - General Settings

  1. In 2. Configure SAML, complete the fields as follows:
     
    1. Single sign-on URL: Enter https://sso.condecosoftware.com/sp/ACS.saml2 (or other value provided to you by Condeco) and tick Use this for Recipient URL and Destination URL.
    2. Audience URI (SP Entity ID): Enter PING-CONDECO (or other value provided to you by Condeco).
    3. Default RelayState: Enter your Condeco URL e.g. [yourcompany].condecosoftware.com
    4. Name ID format: Click the drop-down and select Transient.
    5. Application username: Click the drop-down and select Okta Username (or other value as defined by your organization policy).
    6. Update application username on: Click the drop-down and select Create and update.

okta-sso-04.png
SAML integration - Configure SAML

  1. Click Show Advanced Settings and check the settings are as follows:
     
    1. Response: Signed.
    2. Assertion Signature: Signed.
    3. Digest Algorithm: RSA-SHA256.
    4. Assertion Encrytion: Unencrypted.
    5. Enable Single Logout: Not checked.
    6. Assertion Inline Hook: None (disabled).
    7. Authentication context class: PasswordProtectedTransport.
    8. Honor Force Authentication: Yes.
    9. SAML Issuer ID: http://www.okta.com/${org.externalKey}

okta-sso-05.png
SAML integration - Advanced settings

  1. No further changes to this section are required. Scroll down the page and click Next at the bottom.
  1. In 3. Feedback click Finish. Your new application is displayed.

okta-sso-06.png
SAML integration - Feedback

  1. In the application you just created, click the Sign On tab and scroll down to SAML Signing Certificates.

okta-sso-05a.png
SAML signing certificates are on the application's Sign-in tab

  1. Under SAML Signing Certificates click the Actions drop-down and select View IdP metadata.

okta-sso-07_v1.png
SAML signing certificates

  1. The metadata opens in a new tab. Right-click the tab and select Save As to save the metadata XML file.

okta-sso-08_v1.png
Save the metadata XML file

  1. Now send the Metadata XML to Condeco:
  • Existing customers: Create a support ticket in the customer support portal https://support.condecosoftware.com/ and either attach the XML file in a secure zip file or request another secure way to send the data – via secured email or shared drive, for example.
  • New Condeco installations: Your Condeco project manager or technical consultant will advise how to securely send the XML file.