Before proceeding with this article, ensure that you have read our article about SAML Single Sign-on 🔐
Here, we will outline the steps to set up Okta as an Identity Provider.
1️⃣ Create an Okta SAML Web application
Log in to the Okta Developer Console
Sign in with an administrator account
From the left sidebar, expand Applications, then click on Applications
Click on Create App Integration
Choose SAML 2.0 as the Sign-in method
Click on Next
Enter an App name for your application (e.g. "Fabriq") and click on Next
2️⃣ Configure the application for SAML SSO
On the Configure SAML page, you will need to enter the following information (ℹ️ reach out to us so that we can provide it to you):
Single sign-on URL
Audience URI (SP Entity ID)
Click on Save
3️⃣ Configure the attributes for SAML SSO
Set Name ID format to Persistent
Set Application username to user.getInternalProperty("id") or any other unique and immutable value
Scroll down to Attribute Statements
Add the following attributes one by one, with the name format set to Unspecified:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname : user.firstName
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname : user.lastName
The claims should look as follows:
Scroll down, click on Next, then on Finish
4️⃣ Assign users to Fabriq
Navigate to the Assignments tab
You can give access to the Fabriq SAML app to either:
everyone in your organization
specific groups/users
5️⃣ Send us the App Federation Metadata file
Navigate back to the Sign On tab
Scroll down to SAML Signing Certificates
Click on the Actions button next to your preferred certificate, then click on View IdP metadata
Copy the URL
Send it to [email protected]