Okta SAML Integration
SAML stands for Security Assertion Markup Language. It is an open-standard for exchanging security information and providing Single Sign-On (SSO) between 2 parties: an identity provider (IdP) and a service provider (SP).
This document will walk through setting up SAML based authentication between DeltaStream (SP) and Okta (IdP).
Okta documentation for configuing the SAML integration is available at https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm
Initial Okta Setup
Log into your Okta dashboard, navigate to the applications menu and click the "Create App Integration" button.
Select "SAML 2.0" the the sign-in method and click "Next".
Update the General Settings for the DeltaStream app integration. Optionally set up the DeltaStream Logo for your application.
Setup the SAML integration with the following values. Settings not mentioned below must be left with default values.
General settings
Field | Value |
---|---|
Single signon URL |
|
Audience URI |
|
Name ID format |
|
Application Username |
|
Update application username on |
|
Attribute Statements
Click on the "Add another" button and add the following mappings.
Name | Name format | Value |
---|---|---|
Basic |
| |
firstName | Basic |
|
lastName | Basic |
|
Refer to the following screenshot for a visual reference. Click the "Next" button after entering the required values.
Reach out to DeltaStream at ops@deltastream.io and provide the following information:
Your company's name
Your company's email domain
First Org admin's email address (you can add more later)
Single Sign-on URL
Sign-out URL
Issuer
Signing certificate
Wait for DeltaStream to provide you with the "Audience URI" before you proceed.
Complete Okta Setup
After integration is complete, DeltaStream will provide you with the final Audience URI which needs to be updated in Okta.
Log into your OKTA dashboard, navigate to the applications menu and click the "DeltaStream" application.
Select the "General" tab, click the "Edit" button for the "SAML Settings".
Click "Next" on the "General Settings" page.
Update the "Single signon URL" with the value provided by DeltaStream.
Update the "Audience URI (SP Entity ID)" with the value provided by DeltaStream.
Click "Next" and "Finish" to complete editing the Okta integration.
References
Last updated