Okta SAML Integration

SAML (Security Assertion Markup Language) is an open standard for exchanging security information and providing Single Sign-On (SSO) between 2 parties: an identity provider (IdP) and a service provider (SP).

This document walks you through setting up SAML based authentication between DeltaStream (SP) and Okta (IdP).

Okta documentation for configuing the SAML integration is available at https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm

Initial Okta Setup

Log into your Okta dashboard. Then from the applications menu click Create App Integration.

For the sign-in method, click SAML 2.0 and then click Next."

Update the General Settings for the DeltaStream app integration. Optionally, set up the DeltaStream Logo for your application.

Set up the SAML integration with the following values.

Important Any settings not mentioned below must be left with default values.

General settings

Field Value

Field	Value
Single signon URL	`https://auth.deltastream.io/login/callback?connection=ds-okta-saml-placeholder`
Audience URI	`urn:auth0:deltastream:ds-okta-saml-placeholder`
Name ID format	`EmailAddress`
Application Username	`Email`
Update application username on	`Create and update`

Single signon URL

https://auth.deltastream.io/login/callback?connection=ds-okta-saml-placeholder

Audience URI

urn:auth0:deltastream:ds-okta-saml-placeholder

Name ID format

EmailAddress

Application Username

Email

Update application username on

Create and update

Attribute Statements

Click Add another and add the following mappings:

Name Name format Value

Name	Name format	Value
email	Basic	`user.email`
firstName	Basic	`user.firstName`
lastName	Basic	`user.lastName`

Basic

user.email

firstName

Basic

user.firstName

lastName

Basic

user.lastName

The screenshot below provides a visual reference. Enter the required values and then click Next.

Contact DeltaStream at ops@deltastream.io and provide the following information:

Your company's name
Your company's email domain
First Org admin's email address (you can add more later)
Single Sign-on URL
Sign-out URL
Issuer
Signing certificate

Sign-on URL, sign-out URL, issuer, and signing certificate can be found on the SAML Application Sign On Tab. Do not use values from the General tab.

b until DeltaStream provides you with the Audience URI.

Complete Okta Setup

After the integration is complete, DeltaStream provides you with the final Audience URI, which you must update in Okta. To do this:

Log into your OKTA dashboard. Then, from the applications menu, click DeltaStream.

Click to activate the General tab. Then, for SAML Settings, click Edit.
On the General Settings page, click Next.

Update the Single signon URL with the value DeltaStream provides you.
Update the Audience URI (SP Entity ID) with the value DeltaStream provides you.
Click Next and Finish to complete editing the Okta integration.

References

PreviousEnterprise Security Integrations NextOkta SCIM Integration

Last updated 15 days ago

Field	Value
Single signon URL	`https://auth.deltastream.io/login/callback?connection=ds-okta-saml-placeholder`
Audience URI	`urn:auth0:deltastream:ds-okta-saml-placeholder`
Name ID format	`EmailAddress`
Application Username	`Email`
Update application username on	`Create and update`

Field

Value

Single signon URL

https://auth.deltastream.io/login/callback?connection=ds-okta-saml-placeholder

Audience URI

urn:auth0:deltastream:ds-okta-saml-placeholder

Name ID format

EmailAddress

Application Username

Email

Update application username on

Create and update