Configuring Okta Integration

Okta is 3rd party identity management service that enables institutions to securely and simply connect their users to a wide array of applications. To learn more about Okta, please visit https://www.okta.com/

To begin, we're going to create a new application in Okta that connects via SAML. From an Administration account, go to "Applications" and click the "Add Application" button.  

Screen_Shot_2016-06-30_at_4.09.16_PM.png

Next, click the "Create New App" button, and choose the "SAML 2.0" option.

step_1_-_new_app.png

 

 

Step 2. Configure the application settings

After you've created the app, you'll need to fill out some information about how it should display to your Okta users.

step-2---app-settings.jpg

Feel free to use the following logo that has been properly sized for the Okta application:

digication_okta_logo.png

 

 

Step 3. Configure the application SSO settings

The bulk of the Okta integration happens here. You're going to need a few fields during this setup, that are defined as follows:

1. Single Sign On URL will be unique to your Digication system and can be provided or created by our support team if you're unable to find it. It is simply the Digication URL you use to sign in, like "https://YOUR-SCHOOL.digication.com" followed by "/sso/saml/callback.php"

 

2. Audience URI (SP Entity ID) will be the same kind of Digication URL, followed by "/sso/saml/metadata.php"

 

3. Attribute Statements is a list of fields that describe your Okta users, mapped to a field that is sent to Digication upon a successful SSO request. The values in the left column represent the name of the field being sent to Digication, and the corresponding value (on the right) that is generated by Okta. Your user accounts may contain slightly different data, but we'll need the following kinds of fields:

  • A unique user identifier (custom user id, unique id, cwid, etc)
  • The user's email address
  • The user's first name
  • The user's last name
  • The user's username

4. Group Attribute Statements Digication requires a single group attribute to be configured in order to distinguish whether a user is a faculty member or a student.  This will correspond to the faculty role or its equivalent at your institution.

step-3---configure-sso.jpg

Step 4. Save

Since this will remain an internal application, choose the first option and then click the "Finish" button.

step-4---final.jpg

 

 

Step 5. Send Digication the Okta Metadata url

After finishing the application, you'll need to send us the newly-generated unique metadata from Okta. 

step-6---sso-instructions.jpg

To do so, go to the "Sign On" tab, and copy the link labeled "Identity Provider metadata". We do not need the content of this link, simply the URL. We will be able to configure the DIgication side of SSO using this  URL.

 

step-6a---metadata.jpg

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.