Okta

How to Configure SAML 2.0 for Clear Review


Read this before you enable SAML

Enabling SAML will affect all users who use this application, which means that users will not be able to sign-in through their regular log-in page. They will only be able to access the app through the Okta service.

Backup URL

Clear Review does not provide backup log-in URL where users can sign-in using their normal username and password. You can call Clear Review support to turn off SAML, if necessary.

Contents

Supported Features

The Okta/Clear Review SAML integration currently supports the following features:

Configuration Steps

  1. Copy and save the following certificate as clearreview.crt:

    -----BEGIN CERTIFICATE-----
MIICvzCCAiigAwIBAgIJAM5q1grH+Nm4MA0GCSqGSIb3DQEBBQUAMEoxCzAJBgNV
BAYTAkdCMR8wHQYDVQQKExZPbmUgVG91Y2ggQXBwcyBMaW1pdGVkMRowGAYDVQQD
FBEqLmNsZWFycmV2aWV3LmNvbTAeFw0xNzA2MDkxNzM3MzRaFw0yMjA2MDkxNzM3
MzRaMEoxCzAJBgNVBAYTAkdCMR8wHQYDVQQKExZPbmUgVG91Y2ggQXBwcyBMaW1p
dGVkMRowGAYDVQQDFBEqLmNsZWFycmV2aWV3LmNvbTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAvcLb0B2nxYFWar5G5kawb4FXpwkeCc8kXZBhO2zYImfTtE3i
L5hJgSkzlSTsZKSkzDoHEFNIHFycRMZ0V98+LfXJ+nv3FUEPLK5c6gecUsvy/u1Q
uJHnHvMgBXEAgd8Rf8Bpm/w8KVSzSn9cySQRtbb1VgYH1h3lDAG5F4vXJpsCAwEA
AaOBrDCBqTAdBgNVHQ4EFgQU8h9alfEJb27YLEr55uknfLDSKOkwegYDVR0jBHMw
cYAU8h9alfEJb27YLEr55uknfLDSKOmhTqRMMEoxCzAJBgNVBAYTAkdCMR8wHQYD
VQQKExZPbmUgVG91Y2ggQXBwcyBMaW1pdGVkMRowGAYDVQQDFBEqLmNsZWFycmV2
aWV3LmNvbYIJAM5q1grH+Nm4MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
gYEAi/Ds3ArnLpU2YqHqEdl1MyCIrpHvhqfAAWSsN3skbDAxFcPVx/TH66CtswW7
xonSULyDvsAgxGIC9f8/jxeJIIHUn4KGbRGpx9YAkZmntUHcsVM46ne8QMV9lp91
IqhdEnbzYt+K/pT9wV2PtbsOttpHoAKNBgrAQcT1+3QvFAw=
-----END CERTIFICATE-----

  2. In Okta, select the Sign On tab for the Clear Review app, then click Edit.

    • Check Enable Single Logout.

    • Signature Certificate: Click Browse to locate the clearreview.crt file you saved in step 1, then click Upload to upload it to Okta.

    • Click Save.

    clearreview1.png

  3. Sign into your Clear Review instance as an administrator.

  4. Select Admin.

  5. Scroll down to the Single Sign-On Settings section.

  6. Click Change.

    7. clearreview2.png

  7. Enter the following:

    • Issuer URL: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SAML2 Endpoint: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • SLO Endpoint: Copy and paste the following:

      Sign into the Okta Admin dashboard to generate this value.

    • X.509 Certificate: Copy and paste the following:

      Sign into the Okta Admin Dashboard to generate this variable.

    • Click Save.

    clearreview3.png

  8. Done!

Notes

The following SAML attributes are supported.

For SP-initiated SSO

Open your base URL: https://yourSubDomain.clearreview.com/.