Okta SAML SSO Configuration

Setting up Okta

1. Go to the Admin Dashboard and create an app integration.
   • Select SAML 2.0
2. Have the fields match as to what is shown in the below screenshots for the Configure SAML section
   • Keep in mind that the Single-sign on URL will be dependent on the environment you're setting this up for, and the ID at the end will be dependent on your Revver SAML Config (once the config is created in Revver, edit it and the URL will contain the ID)
   • The SAML Issuer Id needs to begin with http://www.okta.com/ but anything after that is up to you.  It does need something and it needs to be unique, but it is something that you can make up if you'd like

     

      

3. Once it's been configured and the app is up and running, you'll need to get the SAML signing certificate
   • Inside the app, go to the Sign On tab 

     

   • Find and download the SHA-1 Certificate (note you may need to activate it first.  In which case ignore the warning and continue)

     

   • You will receive a .cert file.  Change the extension type to .cer

 

Configuring SAML in Revver 

1. Configure the name
2. The Issuer is the Issuer Id configured above
   • You can find this in Okta by going to going to the Sign On tab => Scroll to the Settings section => Click More Details => Issuer
3. The Entity ID will match the Audience Restriction area in Okta's app by going to General => SAML Settings => Audience Restriction
4. Be careful when using the SAML Endpoint as Okta has some misleading areas to find this
   • This can be found in Sign On => Settings => More Details => Sign on URL
5. Leave the rest blank (or configure as needed)
6. For the Signature, Choose File => Select the .cer file (formerly a .cert file) that was downloaded (see the above Setting Up Okta section)
7. Click save

 

Here's an example Config: