SSO Implementation with Okta

This guide teaches you how to build Single Sign-On with Okta for RandomCoffee.

After you log in to your Okta account, perform the following steps:

Step 1

Click Admin as illustrated in the following screen:

Step 2

From the Okta Dashboard, click Add Application.

Step 3

Click Create New App, as illustrated below:

Step 4

In the following screen, ensure Web is selected as the Platform. Select "SAML 2.0" and click Create.

Step 5

Under the first step "General Settings", enter an application name (e.g. “RandomCoffee”) and then click Next.

Step 6

Under the second step “Configure SAML”, section A “SAML Settings”, enter the RandomCoffee service provider details which can be found on the SSO Setup page of your RandomCoffee organization, in the “Service Provider Details” section.

Now, download the encryption certificate by clicking “Download as file” at the end of the Service Provider Details section. You will upload this later in the Okta SAML configuration section, which is explained below.

In the following screen, click the Show Advanced Settings link to configure advanced SAML assertion settings.

Step 7

Configure the options as shown below. Ensure your field options reflect these values.

For the Encryption Certificate, upload the encryption file in the Encryption Certificate field shown above (remember, you downloaded the encryption file by clicking the “Download as file” link in the RandomCoffee Service Provider Details section earlier). Click Next to continue.

Step 8

Scroll down to the “Attribute Statements” section and add the following key-value pairs.

  • email: user.email

  • firstName: user.firstName

  • lastName: user.lastName

Step 9

Under the third step “Feedback”, select “I’m an Okta customer adding an internal app”, check “This is an internal app that we have created”, and then click Finish.

Step 10

Move over to the Sign On tab, and click the View Setup Instructions button.

The View Setup Instructions screen comes populated with values that you should copy and paste into the Identity Provider Details section.

Step 11

Copy the Identity Provider Single Sign-On URL, Identity Provider Issuer, and X.509 Certificate from the screen below.

And paste them in the corresponding sections of the Identity Provider Details screen as shown below:

Click Save Authentication.
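Once the configuration is saved, the attribute statements from Step 8 can be checked against an assertion. The script below is an added example, not part of the RandomCoffee or Okta documentation: it assumes you have a decrypted assertion XML available and that the attribute names must match exactly, and its sample assertions are constructed.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
REQUIRED = ("email", "firstName", "lastName")  # attribute names from Step 8

def _assertion(attrs):
    """Build a constructed assertion fragment from (name, value) pairs."""
    body = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>{v}</saml:AttributeValue></saml:Attribute>'
        for n, v in attrs)
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:AttributeStatement>'
            f'{body}</saml:AttributeStatement></saml:Assertion>')

# Constructed samples, not real Okta output.
SAMPLE_OK = _assertion([("email", "ada@example.com"), ("firstName", "Ada"), ("lastName", "Lovelace")])
SAMPLE_BAD = _assertion([("Email", "ada@example.com"), ("firstName", "")])

def check_attributes(assertion_xml):
    """Return {attribute name: problem}; an empty dict means all three are usable.

    Diagnostic only: no signature or condition checks are performed here,
    so the result says nothing about whether the assertion is authentic.
    """
    root = ET.fromstring(assertion_xml)
    found = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)]
        found.setdefault(attr.get("Name"), []).extend(values)
    problems = {}
    for name in REQUIRED:
        if name not in found:
            # Assumption: names are matched exactly, so a case variant counts as missing.
            near = [n for n in found if n and n.lower() == name.lower()]
            problems[name] = f"missing (found {near[0]!r} instead)" if near else "missing"
        elif not any(found[name]):
            problems[name] = "present but empty"
    return problems

if __name__ == "__main__":
    for label, xml in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(label, check_attributes(xml) or "all required attributes present")
```

An empty value for a required attribute usually means the corresponding Okta profile field is not populated for that user.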
