Okta

How to Configure SAML 2.0 for Cisco Webex


Read this before you enable SAML

Contents

Supported Features

The Okta/Cisco Webex SAML integration currently supports the following features:

For more information on the listed features, visit the Okta Glossary.

Configuration Steps

  1. Login to the Cisco Webex Control Hub at https://admin.webex.com as an administrator

  2. Navigate to Settings > Authentication, then click Modify:

    webex_new_a.png

  3. Select Integrate a 3rd-party provider. (Advanced), then click Next:

    webex_new_b.png

  4. Click Download Metadata File, then click Next:

    webex_new_c.png

  5. Open the downloaded Metadata file in a text editor. Locate and make a copy of the value of the following values:

    • entityID:

      The value should look like this: https://idbroker.webex.com/1a2b3c4d...

      get entityID value from metadata file

    • AssertionConsumerService:

      The value should look like this: https://idbroker.webex.com/idb/Consumer/metaAlias/1a2b3c4d.../sp

      get AssertionConsumerService value from metadata file

  6. In Okta, select the Sign On tab for the Cisco Webex Teams app, then click Edit.

    • Enter the entityID and AssertionConsumerService values you made a copy of in step 5 into the corresponding fields.

    • uid SAML attribute: Select the value that will be used for the uid SAML attribute (either Email or Username).

    • Click Save:

    enter entityID and AssertionConsumerService value into Okta Sign On

  7. Copy and paste the following IDP Metadata into a file and save as metadata.xml (do not use any spaces in the file name).

    Sign in to Okta Admin app to have this variable generated for you.

  8. Go back to the Enterprise Settings page. Click file browser to locate and upload the metadata.xml file you've just saved. Check Allow self-signed certificate in Metadata (less secure), then click Next:

    upload the metadata file you saved, check Allow self-signed certificate in Metadata, click, Next

  9. Click Test SSO Connection.

    Note: A new browser window will open - make sure that your browser allows for pop-ups.

    webex_new_f.png

  10. You should see a Single Sign-on succeeded message in a new browser tab. Close this tab.

    webex_new_g.png

  11. Select the The test was successful. Enable Single Sign On. option, then click Save:

    webex_new_h.png

  12. Done!

Notes

The following SAML attributes are supported:


SP-initiated SSO

  1. Go to https://teams.webex.com/signin.

  2. Enter your email, then click Next:

    go to: https://teams.webex.com/signin, enter your email, click Next