This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
The Okta/Deputy SAML integration currently supports the following features:
For more information on the listed features, visit the Okta Glossary.
Login to your Deputy account as an administrator.
In the upper right corner, click on your account, select Business settings, then under the General tab, click Single Sign-On settings.
Enter the following:
Select Enable single sign-on.
Identity provider login URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Identity provider logout URL: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
Identity provider issuer: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
X.509 certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.
(Optional): Select Single sign-on login required to only allow logins into the Deputy app from Okta.
Warning: This option disables all other types of authentication, so make sure you have tested your SSO configuration before enabling this option! If there are any configuration issues, you will be locked out of your account and you will need to contact Deputy Support!
(Optional) Select Enable Just-in-time provisioning and enter the following:
First name: Enter FirstName
Last name: Enter LastName
Select Apply changes.
Done!
Make sure that you selected the correct value in the subdomain field under the General application tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Deputy.
The following SAML attributes are supported:
| Name | Value |
|---|---|
| FirstName | user.firstName |
| LastName | user.lastName |
| EmailAddress | user.userName |