This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
The Okta/DigiCert SAML integration currently supports the following features:
1. Log in to DigiCert as an administrator.
2. Navigate to SETTINGS > Single Sign-on.
3. Click Edit Federation Settings.
4. In the Federation Settings section, enter the following:
   - Under How will you send data from your IDP?:
     - Select Use a dynamic URL and enter the following metadata URL:
       Sign in to the Okta Admin dashboard to generate this value.
   - Under How will you identify a user?:
     - Select either NameID or Use a SAML attribute.
     - If you select Use a SAML attribute, you must enter an email value.
     - Note: The email attribute is mapped to the Email user field in Okta. Use the NameID option in the case of a custom DigiCert nameid value.
   - Federation Name: The federation name must be unique. We recommend that you use your company name.
   - Click Save and Finish.
5. The Single Sign-on (SSO) page opens. Save the SP Initiated Custom SSO URL value; you will need this URL for the SP-initiated flow.
6. Done!
The following SAML attribute is supported:
Name | Value |
---|---|
user.email |
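The two choices under How will you identify a user? decide which part of the SAML assertion the service provider reads. The following is an added example, not code from Okta or DigiCert: it pulls the identifier from a constructed, unsigned assertion for either choice and rejects a missing or duplicated value. The attribute name `email` comes from the note above; the function name, issuer and user values are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (unsigned, placeholder values), for illustration only.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_example" Version="2.0">
  <saml:Issuer>https://idp.example.com/placeholder</saml:Issuer>
  <saml:Subject>
    <saml:NameID>jdoe</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="email">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""


def identify_user(assertion_xml, mode, attribute_name="email"):
    """Return the user identifier for mode "nameid" or "attribute".

    Hypothetical helper. Structure check only: it does not verify the
    signature, audience or validity window, which a real SP must do first.
    For untrusted XML, prefer a hardened parser such as defusedxml.
    """
    root = ET.fromstring(assertion_xml)
    if mode == "nameid":
        nodes = root.findall("saml:Subject/saml:NameID", NS)
    elif mode == "attribute":
        nodes = [
            value
            for attr in root.findall("saml:AttributeStatement/saml:Attribute", NS)
            if attr.get("Name") == attribute_name
            for value in attr.findall("saml:AttributeValue", NS)
        ]
    else:
        raise ValueError("mode must be 'nameid' or 'attribute'")
    values = [(node.text or "").strip() for node in nodes]
    # Exactly one non-empty value: zero means a mapping is missing,
    # more than one makes the identity ambiguous.
    if len(values) != 1 or not values[0]:
        raise ValueError(f"expected one {mode} value, found {len(values)}")
    return values[0]


if __name__ == "__main__":
    for mode in ("nameid", "attribute"):
        print(mode, "->", identify_user(SAMPLE_ASSERTION, mode))
```
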
Open the SP Initiated Custom SSO URL (step 5).