User authentication


How to configure Okta SSO for Condeco

Required: Admin permissions to your Okta organization’s account.

  1. Sign in to Okta with your admin account and open the Okta admin interface.
  1. In the Applications menu on the left, select Applications then click Create App Integration.

Okta admin portal
Okta admin portal
  1. On the Create a new app integration pop-up, select SAML 2.0 and click Next.

Create a new app integration - SAML 2.0
Create a new app integration - SAML 2.0

The SAML Integration page is displayed.

  1. In 1. General Settings enter a name for your app and click Next.

SAML integration - General Settings
SAML integration - General Settings
  1. In 2. Configure SAML, complete the fields as follows:

    1. Single sign-on URL: Enter https://sso.condecosoftware.com/sp/ACS.saml2 (or other value provided to you by Condeco) and tick Use this for Recipient URL and Destination URL.
    2. Audience URI (SP Entity ID): Enter PING-CONDECO (or other value provided to you by Condeco).
    3. Default RelayState: Enter your Condeco URL e.g. [yourcompany].condecosoftware.com
    4. Name ID format: Click the drop-down and select Transient.
    5. Application username: Click the drop-down and select Okta Username (or other value as defined by your organization policy).
    6. Update application username on: Click the drop-down and select Create and update.

SAML integration - Configure SAML
SAML integration - Configure SAML
  1. Click Show Advanced Settings and check the settings are as follows:

    1. Response: Signed.
    2. Assertion Signature: Signed.
    3. Digest Algorithm: RSA-SHA256.
    4. Assertion Encrytion: Unencrypted.
    5. Enable Single Logout: Not checked.
    6. Assertion Inline Hook: None (disabled).
    7. Authentication context class: PasswordProtectedTransport.
    8. Honor Force Authentication: Yes.
    9. SAML Issuer ID: http://www.okta.com/${org.externalKey}

SAML integration - Advanced settings
SAML integration - Advanced settings
  1. No further changes to this section are required. Scroll down the page and click Next at the bottom.
  1. In 3. Feedback click Finish. Your new application is displayed.

SAML integration - Feedback
SAML integration - Feedback
  1. In the application you just created, click the Sign On tab and scroll down to SAML Signing Certificates.

SAML signing certificates are on the application's Sign-in tab
SAML signing certificates are on the application's Sign-in tab
  1. Under SAML Signing Certificates click the Actions drop-down and select View IdP metadata.

SAML signing certificates
SAML signing certificates
  1. The metadata opens in a new tab. Right-click the tab and select Save As to save the metadata XML file.

Save the metadata XML file
Save the metadata XML file

Now send the Metadata XML to Condeco:

  • Existing customers: Create a support ticket in the Condeco Support portal and either attach the XML file in a secure zip file or request another secure way to send the data – via secured email or shared drive, for example.
  • New Condeco installations: Your Condeco project manager or technical consultant will advise how to securely send the XML file.

See also

Feedback

Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Condeco Support

Post Comment