Okta SAML Integration
Last updated
Last updated
SAML (Security Assertion Markup Language) is an open standard for exchanging security information and providing single sign-on (SSO) between 2 parties: an identity provider (IdP) and a service provider (SP).
This document walks you through setting up SAML-based authentication between DeltaStream (SP) and Okta (IdP).
Find the Okta documentation for configuring the SAML integration at https://help.okta.com/en-us/content/topics/apps/apps_app_integration_wizard_saml.htm
Log into your Okta dashboard. Then from the applications menu click Create App Integration.
For the sign-in method, click SAML 2.0 and then click Next.
Update the General Settings for the DeltaStream app integration. Optionally, also set up the DeltaStream Logo for your application.
Set up the SAML integration with the following values:
Important You must retain the default values for any setting not mentioned below.
Single sign-on URL
https://auth.deltastream.io/login/callback?connection=ds-okta-saml-placeholder
Audience URI
urn:auth0:deltastream:ds-okta-saml-placeholder
Name ID format
EmailAddress
Application Username
Email
Update application username on
Create and update
Click Add another and add the following mappings:
Basic
user.email
firstName
Basic
user.firstName
lastName
Basic
user.lastName
The screenshot below provides a visual reference. Enter the required values and then click Next.
Contact DeltaStream at ops@deltastream.io and provide the following information:
Your company's name
Your company's email domain
First Org admin's email address (you can add more later)
Single sign-on URL
Sign-out URL
Issuer
Signing certificate
Navigate to the SAML Application Sign On tab for the values for sign-on URL, sign-out URL, issuer, and signing certificate. Do not use values from the General tab.
After the integration is complete, DeltaStream provides you with the final Audience URI, which you must update in Okta. To do this:
Log into your OKTA dashboard. Then, from the applications menu, click DeltaStream.
Click to activate the General tab. Then, for SAML Settings, click Edit.
On the General Settings page, click Next.
Update the Single sign-on URL with the value DeltaStream provides you.
Update the Audience URI (SP Entity ID) with the value DeltaStream provides you.
Click Next and Finish to complete editing the Okta integration.
