Okta

How to Configure SAML 2.0 for Appsulate

Contents

Supported Features

The Okta/Appsulate SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

  1. Contact the Appsulate Support team (support@appsulate.com) and request that they enable SAML 2.0 for your account. Also provide your desired tenant name. This name will appear in the URL of the Appsulate tenant provisioned for you. For example: [your-subdomain].appsulate.com.

  2. Copy the following Metadata URL and include it with your request:

    Sign into the Okta Admin dashboard to generate this value.

  3. The Appsulate Support team will process your request. You will receive an email from Appsulate containing some information required for next steps (configuring SSO to your Apps from within Appsulate).

  4. Navigate to Security > Identity Providers in your Okta admin panel, then click the Add Identity Provider:

    5. appsulate1.png

  5. Follow the steps below:

    • Name: Enter a meaningful name for the connection. For example: appsulatesso.

    • IdP Username: Select Idpuser.subjectNameId.

    • Match against: Select Okta Username or Email.

    • If no match is found: Select Redirect to Okta sign-in page.

    • IdP issuer URI: Enter your IdP issuer URI value you received from the Support team in step 3.

    • IdP Single Sign-On URL: Enter your IdP Single Sign-On URL value you received from the Support team in step 3.

    • IdP Signature Certificate: Upload your certificate you received from the Support team in step 3.

    • Click Show Advanced Settings.

      • appsulate2.png

    • Request Binding: Select HTTP-POST.

    • Request-Signature: Leave unchecked.

    • Response Signature Verification: Select Response or Assertion.

    • Response Signature Algorithm: Select SHA1.

    • Leave everything else as default configuration, then click Add Identity Provider

      • appsulate3.png

  6. Still on the Identity Providers page, click Download metadata and send it back to Appsulate Support.

    7. appsulate4.png

  7. After receiving a confirmation email, you can start assigning people to the application.

  8. Done!

Notes

Make sure that you entered the correct value in the Subdomain field under the General tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Appsulate.

SP-initiated SSO

Go to https://[your-subdomain].appsulate.com URL.